Vulnerability Details : CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.
Publish Date : 2018-03-20 Last Update Date : 2022-01-31

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	7.5
Confidentiality Impact	Partial (There is considerable informational disclosure.)
Integrity Impact	Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact	Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity	Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Bypass a restriction or similar
CWE ID	CWE id is not defined for this vulnerability

- Related OVAL Definitions

Title	Definition Id	Class	Family
RHSA-2018:0592: slf4j security update (Important)	oval:com.redhat.rhsa:def:20180592		unix

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2018-8088

#	Product Type	Vendor	Product	Version	Update	Edition	Language
1	Application	Oracle	Goldengate Application Adapters	12.3.2.1.0	*	*	*	Version Details Vulnerabilities
2	Application	Oracle	Goldengate Stream Analytics	*	*	*	*	Version Details Vulnerabilities
3	Application	Oracle	Utilities Framework	4.2.0.2.0	*	*	*	Version Details Vulnerabilities
4	Application	Oracle	Utilities Framework	4.2.0.3.0	*	*	*	Version Details Vulnerabilities
5	Application	Oracle	Utilities Framework	4.3.0.2.0	*	*	*	Version Details Vulnerabilities
6	Application	Oracle	Utilities Framework	4.3.0.3.0	*	*	*	Version Details Vulnerabilities
7	Application	Oracle	Utilities Framework	4.3.0.4.0	*	*	*	Version Details Vulnerabilities
8	Application	Oracle	Utilities Framework	4.3.0.5.0	*	*	*	Version Details Vulnerabilities
9	Application	Oracle	Utilities Framework	4.3.0.6.0	*	*	*	Version Details Vulnerabilities
10	Application	Oracle	Utilities Framework	4.4.0.0.0	*	*	*	Version Details Vulnerabilities
11	Application	QOS	Slf4j	*	*	*	*	Version Details Vulnerabilities
12	Application	QOS	Slf4j	1.8.0	Alpha1	*	*	Version Details Vulnerabilities
13	Application	QOS	Slf4j	1.8.0	Alpha2	*	*	Version Details Vulnerabilities
14	Application	QOS	Slf4j	1.8.0	Beta1	*	*	Version Details Vulnerabilities
15	Application	QOS	Slf4j	1.8.0	Beta2	*	*	Version Details Vulnerabilities
16	OS	Redhat	Enterprise Linux Desktop	7.0	*	*	*	Version Details Vulnerabilities
17	OS	Redhat	Enterprise Linux Eus	7.4	*	*	*	Version Details Vulnerabilities
18	OS	Redhat	Enterprise Linux Eus	7.5	*	*	*	Version Details Vulnerabilities
19	OS	Redhat	Enterprise Linux Eus	7.6	*	*	*	Version Details Vulnerabilities
20	OS	Redhat	Enterprise Linux Eus	7.7	*	*	*	Version Details Vulnerabilities
21	OS	Redhat	Enterprise Linux Server	7.0	*	*	*	Version Details Vulnerabilities
22	OS	Redhat	Enterprise Linux Server Aus	7.4	*	*	*	Version Details Vulnerabilities
23	OS	Redhat	Enterprise Linux Server Aus	7.6	*	*	*	Version Details Vulnerabilities
24	OS	Redhat	Enterprise Linux Server Aus	7.7	*	*	*	Version Details Vulnerabilities
25	OS	Redhat	Enterprise Linux Server Tus	7.4	*	*	*	Version Details Vulnerabilities
26	OS	Redhat	Enterprise Linux Server Tus	7.6	*	*	*	Version Details Vulnerabilities
27	OS	Redhat	Enterprise Linux Server Tus	7.7	*	*	*	Version Details Vulnerabilities
28	OS	Redhat	Enterprise Linux Workstation	7.0	*	*	*	Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Oracle	Goldengate Application Adapters	1
Oracle	Goldengate Stream Analytics	1
Oracle	Utilities Framework	8
QOS	Slf4j	5
Redhat	Enterprise Linux Desktop	1
Redhat	Enterprise Linux Eus	4
Redhat	Enterprise Linux Server	1
Redhat	Enterprise Linux Server Aus	3
Redhat	Enterprise Linux Server Tus	3
Redhat	Enterprise Linux Workstation	1

- References For CVE-2018-8088

https://access.redhat.com/errata/RHSA-2018:0629
REDHAT RHSA-2018:0629

https://lists.apache.org/thread.html/[email protected]%3Creviews.iotdb.apache.org%3E
MLIST [iotdb-reviews] 20210328 [GitHub] [iotdb] HTHou merged pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088

https://access.redhat.com/errata/RHSA-2018:1448
REDHAT RHSA-2018:1448

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E
MLIST [flink-dev] 20210720 [jira] [Created] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E
MLIST [flink-issues] 20210721 [jira] [Commented] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088

https://access.redhat.com/errata/RHSA-2018:0592
REDHAT RHSA-2018:0592

https://www.oracle.com/security-alerts/cpuoct2021.html

https://www.slf4j.org/news.html

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E
MLIST [flink-issues] 20210725 [jira] [Commented] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cdevnull.infra.apache.org%3E
MLIST [infra-devnull] 20190321 [GitHub] [tika] grossws commented on issue #268: Update slf4j to 1.8.0-beta4

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E
MLIST [flink-issues] 20210720 [jira] [Created] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088

https://access.redhat.com/errata/RHSA-2018:1575
REDHAT RHSA-2018:1575

https://lists.apache.org/thread.html/[email protected]%3Ccommits.iotdb.apache.org%3E
MLIST [iotdb-commits] 20210328 [iotdb] branch master updated: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 (#2906)

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E
MLIST [flink-issues] 20210804 [jira] [Closed] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cissues.zookeeper.apache.org%3E
MLIST [zookeeper-issues] 20210327 [jira] [Updated] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cissues.zookeeper.apache.org%3E
MLIST [zookeeper-issues] 20210327 [jira] [Created] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Creviews.iotdb.apache.org%3E
MLIST [iotdb-reviews] 20210327 [GitHub] [iotdb] wangchao316 opened a new pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cdev.zookeeper.apache.org%3E
MLIST [zookeeper-dev] 20210327 [jira] [Created] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Cnotifications.iotdb.apache.org%3E
MLIST [iotdb-notifications] 20210325 [jira] [Created] (IOTDB-1258) jcl-over-slf4j have Security Vulnerabilities CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Creviews.iotdb.apache.org%3E
MLIST [iotdb-reviews] 20210327 [GitHub] [iotdb] wangchao316 closed pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E
MLIST [pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E
MLIST [pulsar-commits] 20210127 [GitHub] [pulsar] GLouMcK opened a new issue #9347: Security Vulnerabilities - Black Duck Scan

https://www.oracle.com/security-alerts/cpuoct2020.html

https://lists.apache.org/thread.html/[email protected]%3Ccommon-issues.hadoop.apache.org%3E
MLIST [hadoop-common-issues] 20200824 [jira] [Updated] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088)

https://lists.apache.org/thread.html/[email protected]%3Cnotifications.logging.apache.org%3E
MLIST [logging-notifications] 20200825 [jira] [Commented] (LOG4J2-2329) Fix dependency in log4j-slf4j-impl to slf4j due to CVE-2018-8088

https://lists.apache.org/thread.html/[email protected]%3Ccommon-commits.hadoop.apache.org%3E
MLIST [hadoop-common-commits] 20200824 [hadoop] branch branch-3.3 updated: HADOOP-17220. Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088). Contributed by Brahma Reddy Battula.

https://lists.apache.org/thread.html/[email protected]%3Ccommon-commits.hadoop.apache.org%3E
MLIST [hadoop-common-commits] 20200824 [hadoop] branch trunk updated: HADOOP-17220. Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088). Contributed by Brahma Reddy Battula.

https://lists.apache.org/thread.html/[email protected]%3Ccommon-issues.hadoop.apache.org%3E
MLIST [hadoop-common-issues] 20200824 [jira] [Created] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088)

https://lists.apache.org/thread.html/[email protected]%3Ccommon-issues.hadoop.apache.org%3E
MLIST [hadoop-common-issues] 20200824 [jira] [Commented] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088)

https://www.oracle.com/security-alerts/cpujul2020.html

https://lists.apache.org/thread.html/[email protected]%3Ccommon-dev.hadoop.apache.org%3E
MLIST [hadoop-common-dev] 20200824 [jira] [Created] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088)

https://access.redhat.com/errata/RHSA-2019:2413
REDHAT RHSA-2019:2413

https://access.redhat.com/errata/RHSA-2018:2420
REDHAT RHSA-2018:2420

https://access.redhat.com/errata/RHSA-2018:2419
REDHAT RHSA-2018:2419

https://access.redhat.com/errata/RHSA-2018:2669
REDHAT RHSA-2018:2669

https://access.redhat.com/errata/RHSA-2019:3140
REDHAT RHSA-2019:3140

https://access.redhat.com/errata/RHSA-2018:1447
REDHAT RHSA-2018:1447

https://lists.apache.org/thread.html/[email protected]%3Cdevnull.infra.apache.org%3E
MLIST [infra-devnull] 20190321 [GitHub] [tika] dadoonet opened pull request #268: Update slf4j to 1.8.0-beta4

https://access.redhat.com/errata/RHSA-2018:2930
REDHAT RHSA-2018:2930

https://access.redhat.com/errata/RHSA-2018:2143
REDHAT RHSA-2018:2143

https://lists.apache.org/thread.html/[email protected]%3Creviews.iotdb.apache.org%3E
MLIST [iotdb-reviews] 20210325 [GitHub] [iotdb] wangchao316 opened a new pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088

https://access.redhat.com/errata/RHSA-2018:1451
REDHAT RHSA-2018:1451

https://access.redhat.com/errata/RHSA-2018:1450
REDHAT RHSA-2018:1450

https://access.redhat.com/errata/RHSA-2018:1449
REDHAT RHSA-2018:1449

http://www.securityfocus.com/bid/103737
BID 103737 SLF4J 'EventData' Constructor Remote Code Execution Vulnerability Release Date:2019-04-18

https://access.redhat.com/errata/RHSA-2018:1323
REDHAT RHSA-2018:1323

https://access.redhat.com/errata/RHSA-2018:1525
REDHAT RHSA-2018:1525

https://access.redhat.com/errata/RHSA-2018:1247
REDHAT RHSA-2018:1247

https://access.redhat.com/errata/RHSA-2018:1248
REDHAT RHSA-2018:1248

https://access.redhat.com/errata/RHSA-2018:1251
REDHAT RHSA-2018:1251

http://www.securitytracker.com/id/1040627
SECTRACK 1040627

https://access.redhat.com/errata/RHSA-2018:1249
REDHAT RHSA-2018:1249

https://access.redhat.com/errata/RHSA-2018:0627
REDHAT RHSA-2018:0627

https://access.redhat.com/errata/RHSA-2018:0628
REDHAT RHSA-2018:0628

https://jira.qos.ch/browse/SLF4J-431

https://access.redhat.com/errata/RHSA-2018:0630
REDHAT RHSA-2018:0630

https://access.redhat.com/errata/RHSA-2018:0582
REDHAT RHSA-2018:0582

https://github.com/qos-ch/slf4j/commit/d2b27fba88e983f921558da27fc29b5f5d269405

https://jira.qos.ch/browse/SLF4J-430

https://lists.apache.org/thread.html/[email protected]%3Cissues.zookeeper.apache.org%3E
MLIST [zookeeper-issues] 20210328 [jira] [Commented] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088

- Vulnerability Conditions

Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *
Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *
Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *
Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *
Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *
Vulnerability is valid if product versions listed below are used 0
Oracle Utilities Framework 4.4.0.0.0 * * * Oracle Utilities Framework 4.3.0.6.0 * * * Oracle Utilities Framework 4.3.0.5.0 * * * Oracle Utilities Framework 4.3.0.4.0 * * * Oracle Utilities Framework 4.3.0.3.0 * * * Oracle Utilities Framework 4.3.0.2.0 * * * Oracle Utilities Framework 4.2.0.3.0 * * * Oracle Utilities Framework 4.2.0.2.0 * * * Oracle Goldengate Stream Analytics * * * * Oracle Goldengate Application Adapters 12.3.2.1.0 * * * Redhat Enterprise Linux Workstation 7.0 * * * Redhat Enterprise Linux Server Tus 7.7 * * * Redhat Enterprise Linux Server Tus 7.6 * * * Redhat Enterprise Linux Server Tus 7.4 * * * Redhat Enterprise Linux Server Aus 7.7 * * * Redhat Enterprise Linux Server Aus 7.6 * * * Redhat Enterprise Linux Server Aus 7.4 * * * Redhat Enterprise Linux Server 7.0 * * * Redhat Enterprise Linux Eus 7.7 * * * Redhat Enterprise Linux Eus 7.6 * * * Redhat Enterprise Linux Eus 7.5 * * * Redhat Enterprise Linux Eus 7.4 * * * Redhat Enterprise Linux Desktop 7.0 * * * QOS Slf4j 1.8.0 Beta2 * * QOS Slf4j 1.8.0 Beta1 * * QOS Slf4j 1.8.0 Alpha2 * * QOS Slf4j 1.8.0 Alpha1 * * QOS Slf4j * * * *	Redhat Enterprise Linux 5.0 * * * Redhat Enterprise Linux 6.0 * * * Redhat Enterprise Linux 7.0 * * * Redhat Jboss Enterprise Application Platform 6.0.0 * * * Redhat Jboss Enterprise Application Platform 6.4.0 * * * Redhat Jboss Enterprise Application Platform 7.1 * * * Redhat Virtualization 4.0 * * * Redhat Virtualization Host 4.0 * * *

- Metasploit Modules Related To CVE-2018-8088

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)