Denial-of-Service Vulnerability in IBM SDK, Java Technology Edition
CVE-2018-1517

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
20 August 2018

Summary

A vulnerability exists in the java.math component of IBM SDK, Java Technology Edition versions 6.0, 7.0, and 8.0. This flaw can be exploited by attackers to launch denial-of-service attacks utilizing specially crafted String data. When triggered, this vulnerability may disrupt the normal operations of affected systems, impacting availability and service continuity.

Affected Version(s)

SDK, Java Technology Edition 6.0

SDK, Java Technology Edition 7.0

SDK, Java Technology Edition 8.0

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.