var-201903-1183
Vulnerability from variot

IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081. Vendors have confirmed this vulnerability IBM X-Force ID: 152081 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Java SDK is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to inject and execute arbitrary-code with elevated privileges. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.0.10.35 and previous versions, 7.1.4.35 and previous versions, 8.0.5.27 and previous versions used by IBM® Db2®

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201903-1183",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "sdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "sdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ibm",
        "version": "java technology edition  8"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.5.3"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.0"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.7"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.5"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.4"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.3"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.2"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.1"
      },
      {
        "model": "websphere application server patterns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.0.0"
      },
      {
        "model": "websphere application server liberty",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "19.0.0.1"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.9"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.8"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.7"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.6"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.5"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.4"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.3"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.2"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.10"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.1"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.0"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.9"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.8"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.7"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.6"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.5"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.4"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.3"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.2"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.15"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.14"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.13"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.12"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.11"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.10"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.5.1"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.2"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "websphere application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.0"
      },
      {
        "model": "java sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "java sdk sr5 fp20",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8"
      },
      {
        "model": "java sdk sr3 fp11",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8"
      },
      {
        "model": "java sdk sr2 fp10",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8"
      },
      {
        "model": "java sdk sr1-fp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8"
      },
      {
        "model": "java sdk sr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "857"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8527"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8520"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8515"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8510"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "845"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "842"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8310"
      },
      {
        "model": "java sdk sr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "83"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8214"
      },
      {
        "model": "java sdk sr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "82"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8110"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "811"
      },
      {
        "model": "java sdk 7r1 sr3-fp1",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr3 fp50",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr3 fp40",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr3 fp30",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr3",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr2-fp10",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr2",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr1",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "45"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "435"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "430"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "425"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "420"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "415"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "41"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "350"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "340"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "320"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "310"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "31"
      },
      {
        "model": "java sdk sr9-fp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr9 fp50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr9 fp40",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr9 fp30",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr9",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr8-fp10",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr4-fp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr4-fp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr10 fp30",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7950"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7940"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7932"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7920"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7910"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "791"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7105"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71035"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71030"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71025"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71020"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71015"
      },
      {
        "model": "java sdk sr fp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7101"
      },
      {
        "model": "java sdk sr fp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8530"
      },
      {
        "model": "java sdk 7r1 sr fp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "440"
      },
      {
        "model": "java sdk sr fp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "71040"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ibm:sdk",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM",
    "sources": [
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2018-1890",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-1890",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-1890",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "psirt@us.ibm.com",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.4,
            "id": "CVE-2018-1890",
            "impactScore": 3.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-1890",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@us.ibm.com",
            "id": "CVE-2018-1890",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-1890",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-037",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-1890",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081. Vendors have confirmed this vulnerability IBM X-Force ID: 152081 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM Java SDK is prone to a local privilege-escalation vulnerability. \nAn attackers may exploit this issue to inject and execute arbitrary-code with elevated privileges. There are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Version 7.0.10.35 and previous versions, 7.1.4.35 and previous versions, 8.0.5.27 and previous versions used by IBM\u00ae Db2\u00ae",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-1890",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "107448",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0665",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4753",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4295",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4779",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0698",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0725",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-1890",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "id": "VAR-201903-1183",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.81666666
  },
  "last_update_date": "2024-11-23T20:34:01.437000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "0873042",
        "trust": 0.8,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873042"
      },
      {
        "title": "0873332",
        "trust": 0.8,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873332"
      },
      {
        "title": "0874750",
        "trust": 0.8,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10874750"
      },
      {
        "title": "ibm-sdk-cve20181890-code-exec (152081)",
        "trust": 0.8,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
      },
      {
        "title": "IBM SDK, Java Technology Edition Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89727"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7df27f21521e8913950ff1f7b8d88a69"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=84bafff922d0eb19dfb19aae2753434e"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=57aa38652c67bd21b9c5cdf04eec256a"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearCase (CVE-2018-12547, CVE-2018-1890)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=35cd9a5a741834b4083a02e5d8260b1b"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5043c97306b264db74a4faf561f0f833"
      },
      {
        "title": "IBM: IBM Security Bulletin: Java Vulnerability Affects IBM Connect:Direct Web Services (CVE-2018-1890)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=eb53a4067b87619cbb4cd3c81553ec31"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer, Watson Content Analytics and Watson Explorer Content Analytics Studio (CVE-2018-1890, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=6794b0d0f0f0a169fa7d9e6b389dd041"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Security Directory Integrator (CVE-2018-2800, CVE-2018-2783)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=adfbfefbebb42af7e6be998453a66abe"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547) Security Bulletin",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d8f2c31b775ff248769a86d27d63ae0c"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Digital Payments",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c85bd6aa0d403c5674231f5e63000421"
      },
      {
        "title": "IBM: IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2018-1890, CVE-2018-3180)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2531ad7e366a9144cdff05a094c6e523"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c6ed8e66aa78a1fd623b7a6e84d81a4b"
      },
      {
        "title": "IBM: IBM Security Bulletin: Security Bulletin: Multiple vulnerabilities in current releases of the IBM\u00ae SDK, Java\u2122 Technology Edition affect IBM Tivoli Network Manager IP Edition (CVE-2018-1890, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a90922b26b6812a8b91f9d51f1e586fe"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM\u00ae SDK, Java\u2122 Technology Edition affect IBM Tivoli Netcool Configuration Manager (CVE-2018-1890, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1703c661e24351a88543d92dc49eba4f"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM\u00ae Db2\u00ae.",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=781b249f2976243583f8a9e3ed2bfb45"
      },
      {
        "title": "IBM: IBM Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 \u0026 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c9a0886f49ec96e043a06aed1f1c535c"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a4b188c87bea41b26a4989bd973fe4f4"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f29d802129fdc02608b82bac9a82becb"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=3848baff8cf97df18a25a0f7eda133ab"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect for Enterprise Resource Planning (CVE-2018-1890, CVE-2018-12547)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c4818cbb52f0790e8cbba2379f01e398"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2018-1890, CVE-2018-12547)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=98e506f52751c8434817ab602eff3fbe"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct File Agent",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e2f818c213e1a981b384dfd0613ffff6"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager January 2019 CPU (CVE-2018-1890, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=81834b52c609f25e35436a1cb27b0caf"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct FTP+",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=34b0c1cd43f40bd3556992c2bdae0057"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Algo Credit Manager",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=943c5827df35ce6856e7d0b3cee0302e"
      },
      {
        "title": "IBM: IBM Security Bulletin: Vulnerabilities in the Java runtime environment that IBM provides affect WebSphere eXtreme Scale",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=73571a68396629ac4aa649c9de30bda4"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=41f4c5bed2fcb4588c3a657a459185b6"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest (CVE-2018-1890, CVE-2018-12547, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=028395c845b37e3bc7d1e044cb15d3b7"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1b8a07abf5f84208679bd69349e3471e"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c38c2e74fa8717026c8b8429cbb12350"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server January 2019 CPU",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bc1514031d07999c438c0782b0724446"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Web Experience Factory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e2df9612fa5da638915af9274a9b0d20"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2c02bf8350248b67370b255546456290"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c202b30c26078c26fced3234f00f2268"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM\u00ae Java SDK affects WebSphere Application Server January 2019 CPU that is bundled with IBM WebSphere Application Server Patterns",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d24fe149635464add9adb6081441b23b"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in IBM\u00ae Java SDK affect Liberty for Java for IBM Cloud January 2019 CPU",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ac2faaa8b676c29b6ce65b0e68e06501"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2018-1890, CVE-2018-12547, CVE-2019-2426)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ec5948415299737dbfa5f830dc9bf9e5"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4b563f46d12c9db19e3bc6de5e0cd1d9"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7a40046f1faafa441c30ce0d2ae0ac36"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e45909b20430a86cd2441039d65d24e7"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=64a690552b3d34d6f9a6c67ea4c7d6a9"
      },
      {
        "title": "IBM: IBM Security Bulletin: Security Vulnerabilities in IBM\u00ae Java SDK affect multiple IBM Rational products based on IBM Jazz technology Jan 2019 CPU",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=52ffbf27615a00d90fdcb0e7f8661dfe"
      },
      {
        "title": "IBM: IBM Security Bulletin: A security vulnerability has been identified in IBM Java Runtime which affects DataQuant for z/OS",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b23ab3321243eea7d3774210e8c56ad2"
      },
      {
        "title": "IBM: IBM Security Bulletin: Vulnerabilities in IBM Java SDK (January 2019) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=de992c993e39a3a54c5a0d20ca8b2f74"
      },
      {
        "title": "IBM: IBM Security Bulletin: There are multiple vulnerabilities in IBM\u00ae SDK Java\u2122 Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in October 2018 and January 2019.",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d80b5770d7fe869c8738629c94a9a04d"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities may affect IBM\u00ae SDK, Java\u2122 Technology Edition",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d20b685929d47000f40b57ae0bcc15b7"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bd0c9faa00e32c2b2e13bc94e4ea342f"
      },
      {
        "title": "IBM: IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM License Key Server Administration and Reporting Tool and Agent",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f3d2a4d089c47c18ae3573ce12f4dcff"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Build Forge (CVE-2018-1890;CVE-2019-2426;CVE-2018-3139;CVE-2018-3180;CVE-2018-12547)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=99e16d50b113c70d5a0b12b364e8bd14"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2f24cf59a50d3d48270ced0439b54ab3"
      },
      {
        "title": "IBM: IBM Security Bulletin: A security vulnerability has been identified in IBM Java Runtime could affect DB2 Query Management Facility (CVE-2018-12547, CVE-2019-2426, CVE-2018-1890, CVE-2018-12549, CVE-2018-11212)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=d84d9e54d8abf6a064b838c58e37586f"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=bfa0c11353f7afb7085210c7058bdd34"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Netcool Agile Service Manager",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=49f4f442ae4bd0c2ee6439d30ef5f688"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU \u2013 Jan 2019 \u2013 Includes Oracle Jan 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=06cb384eddb358315c180dc6e5d5454c"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM API Connect",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=2395b7e2b6feec79a12300ef7968e02f"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=477fcfaeb0fc747ebdc6f774a151ff59"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=55eab73b682b0564b71c9bcd8dd67137"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Application Dependency Discovery Manager (TADDM)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=964bd4c200d925f5deebfc67866cd7a9"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Identity Governance and Intelligence",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1853dff5a9c75ba89da15ca324022ef6"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=ba7411e3d867dbb1cbcb07b8bda582d4"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=72bb5fc91cb82824951379e8309ac3eb"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple security vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=8580d3cd770371e2ef0f68ca624b80b0"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=dd8c9d5928cc3b1ac8c35b4b24703e38"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-427",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/107448"
      },
      {
        "trust": 2.3,
        "url": "https://www.ibm.com/support/docview.wss?uid=ibm10873332"
      },
      {
        "trust": 1.7,
        "url": "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
      },
      {
        "trust": 1.7,
        "url": "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-1890"
      },
      {
        "trust": 0.9,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873042"
      },
      {
        "trust": 0.9,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10874750"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1890"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/support/pages/node/1142626"
      },
      {
        "trust": 0.6,
        "url": "http://www.ibm.com/support/docview.wss"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/76678"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/76434"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/76566"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4779/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4753/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/ibm-java-privilege-escalation-via-rpath-28666"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/support/pages/node/1138588"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4295/"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/support/pages/node/1118799"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-replication-affected-by-multiple-vulnerabilities-in-ibm-java-sdk/"
      },
      {
        "trust": 0.6,
        "url": "https://www.ibm.com/support/pages/node/1103337"
      },
      {
        "trust": 0.3,
        "url": "http://www.ibm.com"
      },
      {
        "trust": 0.3,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10875132"
      },
      {
        "trust": 0.3,
        "url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873332"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/427.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-financial-transaction-manager-for-ach-services-for-multi-platform/"
      },
      {
        "trust": 0.1,
        "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-ibm-db2-4/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "date": "2019-03-05T00:00:00",
        "db": "BID",
        "id": "107448"
      },
      {
        "date": "2019-04-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "date": "2019-03-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "date": "2019-03-11T22:29:00.343000",
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-1890"
      },
      {
        "date": "2019-03-05T00:00:00",
        "db": "BID",
        "id": "107448"
      },
      {
        "date": "2019-04-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      },
      {
        "date": "2021-07-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      },
      {
        "date": "2024-11-21T04:00:32.843000",
        "db": "NVD",
        "id": "CVE-2018-1890"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "107448"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM SDK, Java Technology Edition Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002414"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-037"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.