CVE-2018-3169

Name of the Vulnerable Software and Affected Versions Java SE versions 7u191, 8u182 and 11 Java SE Embedded version 8u181

Description The issue is related to inadequate access control in the Hotspot component of Java SE and Java SE Embedded, allowing an unauthenticated attacker with network access to compromise Java SE and Java SE Embedded. Successful attacks require human interaction and can result in the takeover of Java SE and Java SE Embedded. This issue affects Java deployments that load and run untrusted code, such as sandboxed Java Web Start applications or sandboxed Java applets, and rely on the Java sandbox for security.

Recommendations For Java SE versions 7u191, 8u182 and 11, update to a version that contains a fix for this issue. For Java SE Embedded version 8u181, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the Hotspot component until a patch is available. Avoid running untrusted code in Java deployments that rely on the Java sandbox for security.