Oracle Java SE RMI Vulnerability

By GIXnews


A vulnerability in the RMI subcomponent of the Java SE, Java SE Embedded component of Oracle Java SE could allow an unauthenticated, remote attacker to affect the integrity of a targeted system.

The vulnerability is due to improper input validation that is performed by the affected software. An attacker with network access to the system via multiple protocols could exploit the vulnerability by sending network packets that are designed to submit malicious input to the affected software. A successful exploit could allow the attacker to compromise the integrity of the system.

Oracle confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-2684

Source:: Cisco Multivendor Vulnerability Alerts