CVE-2015-2590

Confirmed PUBLISHED

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect...

Oracle · Java SE
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.8 Critical

At a Glance

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

java cisa
CVE Published
Jul 16, 2015
Exploitation Reported
Mar 03, 2022
CVSS
9.8 Critical
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • RHSA-2015:1243 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1243.html
  • RHSA-2015:1229 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1229.html
  • USN-2706-1 ubuntu.com · Vendor Advisory http://www.ubuntu.com/usn/USN-2706-1
  • RHSA-2015:1526 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1526.html
  • RHSA-2015:1485 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1485.html
Show 20 more references
  • RHSA-2015:1544 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1544.html
  • openSUSE-SU-2015:1289 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040...
  • RHSA-2015:1228 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1228.html
  • DSA-3316 debian.org · Vendor Advisory http://www.debian.org/security/2015/dsa-3316
  • GLSA-201603-11 security.gentoo.org · Vendor Advisory https://security.gentoo.org/glsa/201603-11
  • RHSA-2015:1486 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1486.html
  • GLSA-201603-14 security.gentoo.org · Vendor Advisory https://security.gentoo.org/glsa/201603-14
  • USN-2696-1 ubuntu.com · Vendor Advisory http://www.ubuntu.com/usn/USN-2696-1
  • DSA-3339 debian.org · Vendor Advisory http://www.debian.org/security/2015/dsa-3339
  • RHSA-2015:1242 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1242.html
  • RHSA-2015:1488 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1488.html
  • SUSE-SU-2015:1319 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046...
  • SUSE-SU-2015:1320 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047...
  • openSUSE-SU-2015:1288 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039...
  • RHSA-2015:1241 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1241.html
  • RHSA-2015:1230 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1230.html
  • RHSA-2015:1604 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1604.html
  • 75818 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/75818
  • 1032910 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1032910
  • oracle.com/technetwork/topics/security/cpujul2015-23679... oracle.com · CVE Record http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936....

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.