V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
CVE-2015-4902
DEB
Medium KEVConfirmedExploit available

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related t…

CVSS
5.3
Medium
EPSS
0.18
p95
Published
2015-01-01
Updated
2022-03-03
Description

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.

Tags · CWE
KEVPre-auth
CWE-284
CAPEC-19
CAPEC-441
CAPEC-478
CAPEC-479
CAPEC-502
CAPEC-503
CAPEC-536
CAPEC-546
CAPEC-550
CAPEC-551
CAPEC-552
CAPEC-556
CAPEC-558
CAPEC-562
CAPEC-563
CAPEC-564
CAPEC-578
Affected products
Java-1.5.0-ibmJava-1.5.0-ibmJava-1.6.0-ibmJava-1.6.0-ibmJava-1.6.0-sunJava-1.6.0-sunJava-1.6.0-sunJava-1.7.0-ibmJava-1.7.0-ibmJava-1.7.0-oracleJava-1.7.0-oracleJava-1.7.0-oracleJava-1.7.1-ibmJava-1.7.1-ibmJava-1.7.1-ibmJava-1.7.1-ibmJava-1.8.0-ibmJava-1.8.0-oracleJava-1.8.0-oracleOpenjdk-6
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Timeline
2015-01-01
Published
2022-03-03
Added to KEV
2022-03-03
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: L
Low (L)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.183 · p95
Known exploited (KEV)
Yes
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-552 · CWE-284
└ via CAPEC-19 · CWE-284
└ via CAPEC-564 · CWE-284
└ via CAPEC-562 · CWE-284
└ via CAPEC-558 · CWE-284
└ via CAPEC-552 · CWE-284
└ via CAPEC-550 · CWE-284
└ via CAPEC-564 · CWE-284
└ via CAPEC-478 · CWE-284
└ via CAPEC-564 · CWE-284
└ via CAPEC-556 · CWE-284
└ via CAPEC-19 · CWE-284
└ via CAPEC-558 · CWE-284
└ via CAPEC-19 · CWE-284
└ via CAPEC-564 · CWE-284
└ via CAPEC-552 · CWE-284
└ via CAPEC-479 · CWE-284
└ via CAPEC-578 · CWE-284
└ via CAPEC-478 · CWE-284
Known exploits — Сканер-ВС
CVE-2015-4902
cisa · https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Enterprise
Affected software
ProductVendorStatus
java-1.5.0-ibmExploited
java-1.5.0-ibmExploited
java-1.6.0-ibmExploited
java-1.6.0-ibmExploited
java-1.6.0-sunExploited
java-1.6.0-sunExploited
java-1.6.0-sunExploited
java-1.7.0-ibmExploited
java-1.7.0-ibmExploited
java-1.7.0-oracleExploited
java-1.7.0-oracleExploited
java-1.7.0-oracleExploited
java-1.7.1-ibmExploited
java-1.7.1-ibmExploited
java-1.7.1-ibmExploited
java-1.7.1-ibmExploited
java-1.8.0-ibmExploited
java-1.8.0-oracleExploited
java-1.8.0-oracleExploited
openjdk-6Exploited
Source databases
DEB
CVE
RED
UBU
Related vulnerabilities
BDU:2015-11842