SEVERITY: Low

ANALYSIS SUMMARY

A vulnerability is found in Oracle Java SE which can be exploited to cause information disclosure. This vulnerability is difficult to exploit and allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.

IMPACT

Information Disclosure

AFFECTED PRODUCTS

• Java SE: 7u201
• Java SE: 8u192
• 11.0.1
• Java SE Embedded: 8u191

REMEDIATION

Apply update.

• For Oracle Java SE, versions 7u201, 8u192, 11.0.1:
  https://support.oracle.com/rs?type=doc&id=2485170.1

• For Oracle Java SE Embedded, version 8u191:
  https://support.oracle.com/rs?type=doc&id=2485170.1