First published: Tue Jan 15 2019(Updated: )
Oracle Java SE 8u201 fixes an unspecified vulnerability in the Deployment component (<a href="https://access.redhat.com/security/cve/CVE-2019-2449">CVE-2019-2449</a>). Upstream has CVSS scored this issue as: 3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L External Reference: <a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA</a>
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el6_10 | 1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el6_10 |
redhat/java | <1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-1:1.8.0.5.35-3.el8_0 | 1.8.0-ibm-1:1.8.0.5.35-3.el8_0 |
Oracle JDK | =1.8.0-update192 | |
Oracle JRE | =1.8.0-update192 | |
Redhat Satellite | =5.8 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Netapp Oncommand Unified Manager | ||
Netapp Oncommand Unified Manager Windows | >=7.3 | |
Netapp Oncommand Unified Manager Vmware Vsphere | >=9.4 | |
NetApp OnCommand Workflow Automation | ||
Netapp Snapmanager Oracle | ||
Netapp Snapmanager Sap | ||
=1.8.0-update192 | ||
=1.8.0-update192 | ||
=5.8 | ||
=8.0 | ||
=6.0 | ||
=7.0 | ||
=8.6 | ||
=6.0 | ||
=7.0 | ||
=6.0 | ||
=7.0 | ||
>=7.3 | ||
>=9.4 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2019-2449 is a vulnerability in the Java SE component of Oracle Java SE, affecting version 8u192.
CVE-2019-2449 has a severity value of 3.1, which is considered low.
Java SE: 8u192, Oracle JDK, Oracle JRE, Redhat Satellite, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus, and Netapp Oncommand Unified Manager are affected by CVE-2019-2449.
An unauthenticated attacker with network access can exploit CVE-2019-2449 via multiple protocols to compromise Java SE.
You can find more information about CVE-2019-2449 on the Red Hat Security Advisory and Oracle's security advisory websites.