CVE-2014-6593

Advisory lineage Upstream: 0 Downstream: 21

Downstream

DLA-157-1 DSA-3144-1 DSA-3147-1 MGASA-2015-0037 OPENSUSE-SU-2024:10534-1 RHSA-2015:0067

Modified

Published: 21 Jan 2015, 15:00

Last modified:06 Aug 2024, 12:17

Vulnerability Summary

Overall Risk (default)

medium

41/100

CVSS Score

4 MEDIUM

v2.0 (nvd)

EPSS Score

72.84% CRITICAL

73% probability +17.79%

KEV

Not listed

Ransomware

No reports

Public exploits

2 found

Dark Web

Not detected

Timeline

21 Jan 2015, 15:00

Published

Vulnerability first disclosed

06 Aug 2024, 12:17

Last Modified

Vulnerability information updated

Description

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.

CVSS Metrics

v2.0•MEDIUM•Score: 4AV:N/AC:H/Au:N/C:P/I:P/A:N

EPSS Trends

Current EPSS score: 72.84%• Percentile: 99%

Affected Systems

oracle•jdk
1.5.0:update75 | 1.6.0:update85 | 1.7.0:update71 | 1.7.0:update72 | 1.8.0:update25 | 1.8.0:update6
oracle•jre
1.5.0:update75 | 1.6.0:update85 | 1.7.0:update71 | 1.7.0:update72 | 1.8.0:update25 | 1.8.0:update6
oracle•jrockit
r27.8.4 | r28.3.4