{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T10:21:25.660","vulnerabilities":[{"cve":{"id":"CVE-2019-2989","sourceIdentifier":"secalert_us@oracle.com","published":"2019-10-16T18:15:33.060","lastModified":"2024-11-21T04:41:56.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)."},{"lang":"es","value":"Vulnerabilidad en Java SE, producto Java SE Embedded de Oracle Java SE (componente: redes). Las versiones compatibles que se ven afectadas son Java SE: 7u231, 8u221, 11.0.4 y 13; Java SE Embedded: 8u221. La vulnerabilidad difícil de explotar permite que un atacante no autenticado con acceso a la red a través de múltiples protocolos comprometa Java SE, Java SE Embedded. Si bien la vulnerabilidad se encuentra en Java SE, Java SE Embedded, los ataques pueden afectar significativamente a productos adicionales. Los ataques con éxito de esta vulnerabilidad pueden resultar en la creación, eliminación o modificación no autorizada del acceso a datos críticos o a todos los datos accesibles Java SE, Java SE Embedded. Nota: Esta vulnerabilidad se aplica a las implementaciones de Java, generalmente en clientes que ejecutan aplicaciones Java Web Start de espacio aislado o applets de Java de espacio aislado (en Java SE 8), que cargan y ejecutan código no confiable (por ejemplo, código que proviene de Internet) y dependen de Java caja de arena para seguridad. Esta vulnerabilidad también puede explotarse mediante el uso de API en el componente especificado, por ejemplo, a través de un servicio web que suministra datos a las API. CVSS v3.0 Puntaje base 6.8 (Impactos de integridad). Vector CVSS: (CVSS: 3.0 / AV: N / AC: H / PR: N / UI: N / S: C / C: N / I: H / A: N)."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"C120C2F1-D50D-49CC-8E96-207ACCA49674"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*","matchCriteriaId":"DF90EC6E-5E6B-4358-AC42-0D7C6A58A4E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*","matchCriteriaId":"F876E775-7B83-4717-8581-1CBD7AE40C8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*","matchCriteriaId":"2E50CEBC-8E5B-42DE-9DB8-C16319ACD7A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"DB1F8AA1-1504-4754-BE10-9663FD7C33E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*","matchCriteriaId":"BA5DE829-3541-4A04-8E39-A47555FD1838"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*","matchCriteriaId":"DE035E49-9A7A-479D-8F97-7C500596A8EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*","matchCriteriaId":"2086EFA1-7C35-4311-B379-7E1AB31EFFA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*","matchCriteriaId":"9ED31534-7939-4D8E-ADBD-F2B38445DE02"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndIncluding":"11.50.2","matchCriteriaId":"27723C4B-C434-4733-96E4-397AA6ECE601"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*","matchCriteriaId":"0D9CC59D-6182-4B5E-96B5-226FCD343916"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*","matchCriteriaId":"BB695329-036B-447D-BEB0-AA4D89D1D99C"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*","matchCriteriaId":"23F148EC-6D6D-4C4F-B57C-CFBCD3D32B41"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","matchCriteriaId":"5735E553-9731-4AAC-BCFF-989377F817B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*","matchCriteriaId":"26A2B713-7D6D-420A-93A4-E0D983C983DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","matchCriteriaId":"64DE38C8-94F1-4860-B045-F33928F676A8"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","source":"secalert_us@oracle.com"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","source":"secalert_us@oracle.com"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","source":"secalert_us@oracle.com"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3134","source":"secalert_us@oracle.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3135","source":"secalert_us@oracle.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3136","source":"secalert_us@oracle.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3157","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:3158","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:4109","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:4110","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:4113","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:4115","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2020:0006","source":"secalert_us@oracle.com"},{"url":"https://access.redhat.com/errata/RHSA-2020:0046","source":"secalert_us@oracle.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10315","source":"secalert_us@oracle.com"},{"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","source":"secalert_us@oracle.com"},{"url":"https://seclists.org/bugtraq/2019/Oct/27","source":"secalert_us@oracle.com"},{"url":"https://seclists.org/bugtraq/2019/Oct/31","source":"secalert_us@oracle.com"},{"url":"https://security.netapp.com/advisory/ntap-20191017-0001/","source":"secalert_us@oracle.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4223-1/","source":"secalert_us@oracle.com"},{"url":"https://www.debian.org/security/2019/dsa-4546","source":"secalert_us@oracle.com"},{"url":"https://www.debian.org/security/2019/dsa-4548","source":"secalert_us@oracle.com"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3134","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3135","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3136","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3157","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:3158","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:4109","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:4110","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:4113","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:4115","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2020:0006","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2020:0046","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10315","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://seclists.org/bugtraq/2019/Oct/27","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://seclists.org/bugtraq/2019/Oct/31","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20191017-0001/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4223-1/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2019/dsa-4546","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2019/dsa-4548","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}