VDB
CVE-2018-1417
CVE-2018-1417
PUBLISHED
CVSS 8.100000381469727 HIGH
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
EPSS 1.42% · 80.9th percentile
Risk Scores
CVSS 3.0
8.100000381469727
CVSS:3.0/A:H/AC:H/AV:N/C:H/I:H/PR:N/S:U/UI:N
EPSS Score
1.42%
80.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | java_sdk | 6.1.0.0, 8.0.0.0, 7.1.0.0 |
| IBM | SDK, Java Technology Edition | 7.1, 8.0 |
Exploit Intelligence
- https://exchange.xforce.ibmcloud.com/vulnerabilities/138823 (circl)
- 103216 (circl)
- 1040403 (circl)
- RHSA-2018:1463 (circl)
- http://www.ibm.com/support/docview.wss?uid=isg3T1027315 (circl)
- http://www.ibm.com/support/docview.wss?uid=swg22014937 (circl)
- https://www.ibm.com/support/docview.wss?uid=swg22012965 (circl)
Timeline
- Feb 22, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/138823 url
- 103216 vdb
- 1040403 vdb
- RHSA-2018:1463 vendor-advisory
- http://www.ibm.com/support/docview.wss?uid=isg3T1027315 url
- http://www.ibm.com/support/docview.wss?uid=swg22014937 url
- https://www.ibm.com/support/docview.wss?uid=swg22012965 url
- https://nvd.nist.gov/vuln/detail/CVE-2018-1417 advisory