From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.
2019-10-17T18:15:12.813
2024-11-21T04:32:39.997
Modified
CVSSv3.1: 9.1 (CRITICAL)
AV:N/AC:L/Au:N/C:N/I:P/A:P
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | eclipse | openj9 | ≤ 0.16.0 | Yes |
| Application | redhat | satellite | 5.8 | Yes |
| Operating System | redhat | enterprise_linux | 8.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_eus | 8.1 | Yes |
| Operating System | redhat | enterprise_linux_server | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_server | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 7.0 | Yes |