Denial-of-Service Vulnerability in IBM SDK, Java Technology Edition
CVE-2018-1517

5.9MEDIUM

Key Information:

Vendor
IBM
Status
Sdk, Java Technology Edition
Vendor
CVE Published:
20 August 2018

Summary

A vulnerability exists in the java.math component of IBM SDK, Java Technology Edition versions 6.0, 7.0, and 8.0. This flaw can be exploited by attackers to launch denial-of-service attacks utilizing specially crafted String data. When triggered, this vulnerability may disrupt the normal operations of affected systems, impacting availability and service continuity.

Affected Version(s)

SDK, Java Technology Edition 6.0

SDK, Java Technology Edition 7.0

SDK, Java Technology Edition 8.0

References

http://www.ibm.com/support/docview.wss?uid=ibm10719653
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:2713
vendor-advisoryx_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
vdb-entryx_refsource_XF

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.