CVE-2014-2423: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to aff
infovulnerability
security
Summary
CVE-2014-2423 is an unspecified security flaw in Oracle Java SE versions 6u71, 7u51, and 8 (plus Java SE Embedded 7u51) that affects JAX-WS (a tool for building web services in Java). Remote attackers could exploit this vulnerability to compromise confidentiality (stealing data), integrity (modifying data), and availability (disrupting service), though the exact attack method was not publicly disclosed.
Vulnerability Details
CVSS Score
7.5
EPSS (30-day exploit probability)
EPSS: 4.3%
Classification
Attack SophisticationModerate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2014-2423
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%