Vulnerability Details : CVE-2015-2590
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Threat overview for CVE-2015-2590
Top countries where our scanners detected CVE-2015-2590
Top open port discovered on systems with this issue
90
IPs affected by CVE-2015-2590 1,154
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-2590!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
CVE-2015-2590 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
Added on
2022-03-03
Action due date
2022-03-24
Exploit prediction scoring system (EPSS) score for CVE-2015-2590
Probability of exploitation activity in the next 30 days: 2.38%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-2590
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2015-2590
- http://rhn.redhat.com/errata/RHSA-2015-1488.html
-
http://www.ubuntu.com/usn/USN-2696-1
USN-2696-1: OpenJDK 7 vulnerabilities | Ubuntu security notices
-
http://www.debian.org/security/2015/dsa-3339
Debian -- Security Information -- DSA-3339-1 openjdk-6
- http://rhn.redhat.com/errata/RHSA-2015-1485.html
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
[security-announce] SUSE-SU-2015:1319-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2015-1526.html
RHSA-2015:1526 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1604.html
RHSA-2015:1604 - Security Advisory - Red Hat Customer Portal
-
https://security.gentoo.org/glsa/201603-14
IcedTea: Multiple vulnerabilities (GLSA 201603-14) — Gentoo security
-
http://rhn.redhat.com/errata/RHSA-2015-1242.html
RHSA-2015:1242 - Security Advisory - Red Hat Customer Portal
- http://rhn.redhat.com/errata/RHSA-2015-1544.html
-
http://www.securityfocus.com/bid/75818
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
-
http://www.debian.org/security/2015/dsa-3316
Debian -- Security Information -- DSA-3316-1 openjdk-7
-
http://rhn.redhat.com/errata/RHSA-2015-1486.html
RHSA-2015:1486 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1228.html
RHSA-2015:1228 - Security Advisory - Red Hat Customer Portal
-
http://www.ubuntu.com/usn/USN-2706-1
USN-2706-1: OpenJDK 6 vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
[security-announce] SUSE-SU-2015:1320-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2015-1230.html
RHSA-2015:1230 - Security Advisory - Red Hat Customer Portal
-
http://www.securitytracker.com/id/1032910
Oracle Java SE Multiple Flaws Lets Local and Remote Users Gain Elevated Privileges and Remote Users Partially Access Data, Modify Data, and Deny Service - SecurityTracker
-
http://rhn.redhat.com/errata/RHSA-2015-1243.html
RHSA-2015:1243 - Security Advisory - Red Hat Customer Portal
-
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Oracle Critical Patch Update - July 2015Patch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
[security-announce] openSUSE-SU-2015:1289-1: important: Security update
-
https://security.gentoo.org/glsa/201603-11
Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201603-11) — Gentoo security
-
http://rhn.redhat.com/errata/RHSA-2015-1229.html
RHSA-2015:1229 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1241.html
RHSA-2015:1241 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
[security-announce] openSUSE-SU-2015:1288-1: important: Security update
Products affected by CVE-2015-2590
- cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*