CVE-2019-2697
First published: Tue Apr 16 2019(Updated: )
Last updated 24 July 2024
Credit: secalert_us@oracle.com secalert_us@oracle.com secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el6_10 | 1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el6_10 |
| redhat/java | <1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el6_10 | 1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el6_10 |
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.5.35-1jpp.1.el7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.4.45-1jpp.1.el7 |
| redhat/java | <1.8.0-ibm-1:1.8.0.5.35-3.el8_0 | 1.8.0-ibm-1:1.8.0.5.35-3.el8_0 |
| debian/openjdk-8 | 8u432-b06-2 | |
| Oracle Java SE 7 | =1.7.0-update211 | |
| Oracle Java SE 7 | =1.8.0-update202 | |
| Oracle JRE | =1.7.0-update211 | |
| Oracle JRE | =1.8.0-update202 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =18.10 | |
| Ubuntu | =19.04 | |
| Red Hat Satellite | =5.8 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| HP P9000 Command View Advanced Edition Software | <8.6.5-00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-2697 https://nvd.nist.gov/vuln/detail/CVE-2019-2697 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
- https://bugzilla.redhat.com/show_bug.cgi?id=1704480
- https://access.redhat.com/errata/RHSA-2019:1163
- https://access.redhat.com/errata/RHSA-2019:1165
- https://access.redhat.com/errata/RHSA-2019:1164
- https://access.redhat.com/errata/RHSA-2019:1166
- https://access.redhat.com/errata/RHSA-2019:1238
- https://access.redhat.com/errata/RHSA-2019:1325
- https://access.redhat.com/security/cve/CVE-2019-2697
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://security.gentoo.org/glsa/201908-10
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
- https://usn.ubuntu.com/3975-1/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us
- https://launchpad.net/bugs/cve/CVE-2019-2697
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
- https://security-tracker.debian.org/tracker/CVE-2019-2697
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2697
- https://nvd.nist.gov/vuln/detail/CVE-2019-2697
- https://ubuntu.com/security/CVE-2019-2697
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2019-2697?
CVE-2019-2697 is a vulnerability in the Java SE component of Oracle Java SE that allows an unauthenticated attacker with network access to compromise Java SE.
What versions of Java SE are affected by CVE-2019-2697?
Java SE versions 7u211 and 8u202 are affected by CVE-2019-2697.
How severe is CVE-2019-2697?
CVE-2019-2697 has a severity value of 8.1, which is considered high.
How do I fix CVE-2019-2697 on Redhat systems?
To fix CVE-2019-2697 on Redhat systems, update to the specified versions of OpenJDK or Oracle JDK as mentioned in the Red Hat advisory (RHSA-2019:1163).
Where can I find more information about CVE-2019-2697?
You can find more information about CVE-2019-2697 in the following references: [Red Hat Security Advisory (RHSA-2019:1163)](https://access.redhat.com/errata/RHSA-2019:1163), [Oracle Security Advisory (CPUApr2019-5072813)](https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA)
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-2697
- agent/remedy
- agent/severity
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- collector/nvd-index
- package-manager/redhat
- package-manager/debian
- vendor/oracle
- canonical/oracle java se 7
- version/oracle java se 7/1.7.0-update211
- version/oracle java se 7/1.8.0-update202
- canonical/oracle jre
- version/oracle jre/1.7.0-update211
- version/oracle jre/1.8.0-update202
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/18.10
- version/ubuntu/19.04
- vendor/redhat
- canonical/red hat satellite
- version/red hat satellite/5.8
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.6
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- vendor/hp
- canonical/hp p9000 command view advanced edition software