CVE-2019-2697
First published: Tue Apr 16 2019(Updated: )
Last updated 24 July 2024
Credit: secalert_us@oracle.com secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el6_10 | 1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el6_10 |
| redhat/java | <1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el6_10 | 1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el6_10 |
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el7 |
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-3.el8_0 | 1.8.0-ibm-1:1.8.0.5.35-3.el8_0 |
| Oracle JDK | =1.7.0-update211 | |
| Oracle JDK | =1.8.0-update202 | |
| Oracle JRE | =1.7.0-update211 | |
| Oracle JRE | =1.8.0-update202 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =18.10 | |
| Canonical Ubuntu Linux | =19.04 | |
| Redhat Satellite | =5.8 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Eus | =8.6 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| Hp Xp7 Command View | <8.6.5-00 | |
| debian/openjdk-8 | 8u422-b05-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-2697 https://nvd.nist.gov/vuln/detail/CVE-2019-2697 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
- https://bugzilla.redhat.com/show_bug.cgi?id=1704480
- https://access.redhat.com/errata/RHSA-2019:1163
- https://access.redhat.com/errata/RHSA-2019:1165
- https://access.redhat.com/errata/RHSA-2019:1164
- https://access.redhat.com/errata/RHSA-2019:1166
- https://access.redhat.com/errata/RHSA-2019:1238
- https://access.redhat.com/errata/RHSA-2019:1325
- https://access.redhat.com/security/cve/CVE-2019-2697
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://security.gentoo.org/glsa/201908-10
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
- https://usn.ubuntu.com/3975-1/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
- https://launchpad.net/bugs/cve/CVE-2019-2697
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
- https://security-tracker.debian.org/tracker/CVE-2019-2697
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2697
- https://nvd.nist.gov/vuln/detail/CVE-2019-2697
- https://ubuntu.com/security/CVE-2019-2697
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2019-2697?
CVE-2019-2697 is a vulnerability in the Java SE component of Oracle Java SE that allows an unauthenticated attacker with network access to compromise Java SE.
What versions of Java SE are affected by CVE-2019-2697?
Java SE versions 7u211 and 8u202 are affected by CVE-2019-2697.
How severe is CVE-2019-2697?
CVE-2019-2697 has a severity value of 8.1, which is considered high.
How do I fix CVE-2019-2697 on Redhat systems?
To fix CVE-2019-2697 on Redhat systems, update to the specified versions of OpenJDK or Oracle JDK as mentioned in the Red Hat advisory (RHSA-2019:1163).
Where can I find more information about CVE-2019-2697?
You can find more information about CVE-2019-2697 in the following references: [Red Hat Security Advisory (RHSA-2019:1163)](https://access.redhat.com/errata/RHSA-2019:1163), [Oracle Security Advisory (CPUApr2019-5072813)](https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA)
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-2697
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/severity
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- package-manager/redhat
- vendor/oracle
- canonical/oracle jdk
- version/oracle jdk/1.7.0-update211
- version/oracle jdk/1.8.0-update202
- canonical/oracle jre
- version/oracle jre/1.7.0-update211
- version/oracle jre/1.8.0-update202
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/18.10
- version/canonical ubuntu linux/19.04
- vendor/redhat
- canonical/redhat satellite
- version/redhat satellite/5.8
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/8.6
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0
- vendor/hp
- canonical/hp xp7 command view
- package-manager/debian