F5-K000134793
First published: Thu May 25 2023(Updated: )
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP and BIG-IQ Centralized Management | >=17.0.0<=17.1.0 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=16.1.0<=16.1.3 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=15.1.0<=15.1.8 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=14.1.0<=14.1.5 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=13.1.0<=13.1.5 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=8.0.0<=8.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000134793?
The severity of F5-K000134793 is considered high due to its potential for unauthenticated remote exploitation.
How do I fix F5-K000134793?
To fix F5-K000134793, update affected versions of F5 BIG-IP and BIG-IQ Centralized Management to the latest patched versions.
Which versions are affected by F5-K000134793?
Affected versions include F5 BIG-IP versions from 13.1.0 to 17.1.0 and F5 BIG-IQ Centralized Management versions from 8.0.0 to 8.4.0.
Is F5-K000134793 easy to exploit?
F5-K000134793 is considered difficult to exploit, but successful exploitation can lead to serious consequences.
What components are involved in F5-K000134793?
F5-K000134793 involves vulnerabilities in the Java SE, Java SE Embedded, and JRockit components of Oracle Java SE.
- agent/severity
- agent/references
- agent/last-modified-date
- agent/source
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2018-2952
- agent/software-canonical-lookup
- vendor/f5
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/17.0.0
- version/f5 big-ip and big-iq centralized management/17.1.0
- version/f5 big-ip and big-iq centralized management/16.1.0
- version/f5 big-ip and big-iq centralized management/16.1.3
- version/f5 big-ip and big-iq centralized management/15.1.0
- version/f5 big-ip and big-iq centralized management/15.1.8
- version/f5 big-ip and big-iq centralized management/14.1.0
- version/f5 big-ip and big-iq centralized management/14.1.5
- version/f5 big-ip and big-iq centralized management/13.1.0
- version/f5 big-ip and big-iq centralized management/13.1.5
- version/f5 big-ip and big-iq centralized management/8.0.0
- version/f5 big-ip and big-iq centralized management/8.4.0