Netapp-How I met your Java debugger(CVE-2018-5486)

How I met your Java debugger is not a new hacking technique. It announced in 2014. Hacker is able to turn any open JDWP service into reliable remote code execution. But it can only execute in inside compartment (exploit inside). JDWP is one component of the global Java debugging system, called the Java Platform Debug Architecture. Hardware storage vendor (Netapp) found vulnerabiliy on their product. A design weakness of Java Platform Debug Architecture with their products cause local code execution vulnerability in OnCommand Unified Manager (Linux 7.2 and above). Vendor (Netapp) provides remediation, for more detail please refer below url for reference.