Lucene search

Veracode Vulnerability DatabaseVERACODE:12721

HistoryJan 15, 2019 - 9:20 a.m.

Privilege Escalation

2019-01-1509:20:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.015 Low

EPSS

Percentile

86.9%

JSON

java-1.8.0-ibm is vulnerable to privilege escalation attacks. The vulnerability exists as a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges.

CPENameOperatorVersion
java-1.8.0-ibmeq1.8.0.4.1__1jpp.1.el6_8
java-1.7.1-ibmeq1.7.1.3.40__1jpp.1.el6_7
java-1.7.1-ibmeq1.7.1.4.1__1jpp.1.el6_8

Name	Operator	Version
java-1.8.0-ibm	eq	1.8.0.4.1__1jpp.1.el6_8
java-1.7.1-ibm	eq	1.7.1.3.40__1jpp.1.el6_7
java-1.7.1-ibm	eq	1.7.1.4.1__1jpp.1.el6_8

References

www.ibm.com/support/docview.wss?uid=isg3T1027315

www.ibm.com/support/docview.wss?uid=swg22014937

www.securityfocus.com/bid/103216

www.securitytracker.com/id/1040403

access.redhat.com/errata/RHSA-2018:0352

access.redhat.com/errata/RHSA-2018:1463

access.redhat.com/security/cve/CVE-2018-1417

access.redhat.com/security/updates/classification/#critical

developer.ibm.com/javasdk/support/security-vulnerabilities/

exchange.xforce.ibmcloud.com/vulnerabilities/138823

www.ibm.com/support/docview.wss?uid=swg22012965

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for VERACODE:12721