Denial-of-Service Vulnerability in IBM SDK, Java Technology Edition
CVE-2018-1517

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Sdk, Java Technology Edition
Vendor: CVE Published:; 20 August 2018

🔔 Create IBM Vulnerability Alert

What is CVE-2018-1517?

A vulnerability exists in the java.math component of IBM SDK, Java Technology Edition versions 6.0, 7.0, and 8.0. This flaw can be exploited by attackers to launch denial-of-service attacks utilizing specially crafted String data. When triggered, this vulnerability may disrupt the normal operations of affected systems, impacting availability and service continuity.

Affected Version(s)

SDK, Java Technology Edition 6.0

SDK, Java Technology Edition 7.0

SDK, Java Technology Edition 8.0

References

http://www.ibm.com/support/docview.wss?uid=ibm10719653

x_refsource_CONFIRM

https://access.redhat.com/errata/RHSA-2018:2713

vendor-advisoryx_refsource_REDHAT

https://exchange.xforce.ibmcloud.com/vulnerabilities/141681

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2018
Vulnerability Reserved
Dec 13, 2017

.