6.8

CVE-2021-35567

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N).

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleOpenjdk Version8 Update-
OracleOpenjdk Version8 Updatemilestone1
OracleOpenjdk Version8 Updatemilestone2
OracleOpenjdk Version8 Updatemilestone3
OracleOpenjdk Version8 Updatemilestone4
OracleOpenjdk Version8 Updatemilestone5
OracleOpenjdk Version8 Updatemilestone6
OracleOpenjdk Version8 Updatemilestone7
OracleOpenjdk Version8 Updatemilestone8
OracleOpenjdk Version8 Updatemilestone9
OracleOpenjdk Version8 Updateupdate101
OracleOpenjdk Version8 Updateupdate102
OracleOpenjdk Version8 Updateupdate11
OracleOpenjdk Version8 Updateupdate111
OracleOpenjdk Version8 Updateupdate112
OracleOpenjdk Version8 Updateupdate121
OracleOpenjdk Version8 Updateupdate131
OracleOpenjdk Version8 Updateupdate141
OracleOpenjdk Version8 Updateupdate151
OracleOpenjdk Version8 Updateupdate152
OracleOpenjdk Version8 Updateupdate161
OracleOpenjdk Version8 Updateupdate162
OracleOpenjdk Version8 Updateupdate171
OracleOpenjdk Version8 Updateupdate172
OracleOpenjdk Version8 Updateupdate181
OracleOpenjdk Version8 Updateupdate191
OracleOpenjdk Version8 Updateupdate192
OracleOpenjdk Version8 Updateupdate20
OracleOpenjdk Version8 Updateupdate201
OracleOpenjdk Version8 Updateupdate202
OracleOpenjdk Version8 Updateupdate211
OracleOpenjdk Version8 Updateupdate212
OracleOpenjdk Version8 Updateupdate221
OracleOpenjdk Version8 Updateupdate222
OracleOpenjdk Version8 Updateupdate231
OracleOpenjdk Version8 Updateupdate232
OracleOpenjdk Version8 Updateupdate241
OracleOpenjdk Version8 Updateupdate242
OracleOpenjdk Version8 Updateupdate25
OracleOpenjdk Version8 Updateupdate252
OracleOpenjdk Version8 Updateupdate262
OracleOpenjdk Version8 Updateupdate271
OracleOpenjdk Version8 Updateupdate281
OracleOpenjdk Version8 Updateupdate282
OracleOpenjdk Version8 Updateupdate291
OracleOpenjdk Version8 Updateupdate292
OracleOpenjdk Version8 Updateupdate301
OracleOpenjdk Version8 Updateupdate302
OracleOpenjdk Version8 Updateupdate31
OracleOpenjdk Version11
OracleOpenjdk Version11.0.1
OracleOpenjdk Version11.0.2
OracleOpenjdk Version11.0.3
OracleOpenjdk Version11.0.4
OracleOpenjdk Version11.0.5
OracleOpenjdk Version11.0.6
OracleOpenjdk Version11.0.7
OracleOpenjdk Version11.0.8
OracleOpenjdk Version11.0.9
OracleOpenjdk Version11.0.10
OracleOpenjdk Version11.0.11
OracleOpenjdk Version11.0.12
OracleOpenjdk Version13
OracleOpenjdk Version13.0.1
OracleOpenjdk Version13.0.2
OracleOpenjdk Version13.0.3
OracleOpenjdk Version13.0.4
OracleOpenjdk Version13.0.5
OracleOpenjdk Version13.0.6
OracleOpenjdk Version13.0.7
OracleOpenjdk Version13.0.8
OracleOpenjdk Version15
OracleOpenjdk Version15.0.1
OracleOpenjdk Version15.0.2
OracleOpenjdk Version15.0.3
OracleOpenjdk Version15.0.4
OracleOpenjdk Version16
OracleOpenjdk Version16.0.1
OracleOpenjdk Version16.0.2
OracleGraalvm Version20.3.3 SwEditionenterprise
OracleGraalvm Version21.2.0 SwEditionenterprise
OracleJdk Version1.8.0 Updateupdate301
OracleJdk Version11.0.12
OracleJdk Version17
OracleJre Version1.8.0 Updateupdate301
OracleJre Version11.0.12
OracleJre Version17
NetappActive Iq Unified Manager Version- SwPlatformvmware_vsphere
NetappActive Iq Unified Manager Version- SwPlatformwindows
NetappE-series Santricity Os Controller Version >= 11.0.0 <= 11.50.2
NetappE-series Santricity Web Services Version- SwPlatformweb_services_proxy
NetappOncommand Insight Version-
NetappSnapmanager Version- SwPlatformoracle
NetappSnapmanager Version- SwPlatformsap
NetappSolidfire Version-
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
FedoraprojectFedora Version33
FedoraprojectFedora Version34
FedoraprojectFedora Version35
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.517
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.3 6.8 6.9
AV:N/AC:M/Au:S/C:C/I:N/A:N
nvd@nist.gov 6.8 2.3 4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
secalert_us@oracle.com 6.8 2.3 4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N