3.7

CVE-2023-21938

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and  22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

Data is provided by the National Vulnerability Database (NVD)
OracleGraalvm Version20.3.8 SwEditionenterprise
OracleGraalvm Version21.3.4 SwEditionenterprise
OracleGraalvm Version22.3.0 SwEditionenterprise
OracleJdk Version1.8.0 Updateupdate361
OracleJdk Version11.0.18
OracleJdk Version17.0.6
OracleJdk Version20
OracleJre Version1.8.0 Updateupdate361
OracleJre Version11.0.18
OracleJre Version17.0.6
OracleJre Version20
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
DebianDebian Linux Version12.0
NetappOncommand Insight Version-
OracleOpenjdk Version < 8
OracleOpenjdk Version >= 11 <= 11.0.18
OracleOpenjdk Version >= 17 <= 17.0.6
OracleOpenjdk Version8 Update-
OracleOpenjdk Version8 Updatemilestone1
OracleOpenjdk Version8 Updatemilestone2
OracleOpenjdk Version8 Updatemilestone3
OracleOpenjdk Version8 Updatemilestone4
OracleOpenjdk Version8 Updatemilestone5
OracleOpenjdk Version8 Updatemilestone6
OracleOpenjdk Version8 Updatemilestone7
OracleOpenjdk Version8 Updatemilestone8
OracleOpenjdk Version8 Updatemilestone9
OracleOpenjdk Version8 Updateupdate101
OracleOpenjdk Version8 Updateupdate102
OracleOpenjdk Version8 Updateupdate11
OracleOpenjdk Version8 Updateupdate111
OracleOpenjdk Version8 Updateupdate112
OracleOpenjdk Version8 Updateupdate121
OracleOpenjdk Version8 Updateupdate131
OracleOpenjdk Version8 Updateupdate141
OracleOpenjdk Version8 Updateupdate151
OracleOpenjdk Version8 Updateupdate152
OracleOpenjdk Version8 Updateupdate161
OracleOpenjdk Version8 Updateupdate162
OracleOpenjdk Version8 Updateupdate171
OracleOpenjdk Version8 Updateupdate172
OracleOpenjdk Version8 Updateupdate181
OracleOpenjdk Version8 Updateupdate191
OracleOpenjdk Version8 Updateupdate192
OracleOpenjdk Version8 Updateupdate20
OracleOpenjdk Version8 Updateupdate201
OracleOpenjdk Version8 Updateupdate202
OracleOpenjdk Version8 Updateupdate211
OracleOpenjdk Version8 Updateupdate212
OracleOpenjdk Version8 Updateupdate221
OracleOpenjdk Version8 Updateupdate222
OracleOpenjdk Version8 Updateupdate231
OracleOpenjdk Version8 Updateupdate232
OracleOpenjdk Version8 Updateupdate241
OracleOpenjdk Version8 Updateupdate242
OracleOpenjdk Version8 Updateupdate25
OracleOpenjdk Version8 Updateupdate252
OracleOpenjdk Version8 Updateupdate262
OracleOpenjdk Version8 Updateupdate271
OracleOpenjdk Version8 Updateupdate281
OracleOpenjdk Version8 Updateupdate282
OracleOpenjdk Version8 Updateupdate291
OracleOpenjdk Version8 Updateupdate301
OracleOpenjdk Version8 Updateupdate302
OracleOpenjdk Version8 Updateupdate31
OracleOpenjdk Version8 Updateupdate312
OracleOpenjdk Version8 Updateupdate322
OracleOpenjdk Version8 Updateupdate332
OracleOpenjdk Version8 Updateupdate342
OracleOpenjdk Version8 Updateupdate352
OracleOpenjdk Version8 Updateupdate362
OracleOpenjdk Version8 Updateupdate40
OracleOpenjdk Version8 Updateupdate45
OracleOpenjdk Version8 Updateupdate5
OracleOpenjdk Version8 Updateupdate51
OracleOpenjdk Version8 Updateupdate60
OracleOpenjdk Version8 Updateupdate65
OracleOpenjdk Version8 Updateupdate66
OracleOpenjdk Version8 Updateupdate71
OracleOpenjdk Version8 Updateupdate72
OracleOpenjdk Version8 Updateupdate73
OracleOpenjdk Version8 Updateupdate74
OracleOpenjdk Version8 Updateupdate77
OracleOpenjdk Version8 Updateupdate91
OracleOpenjdk Version8 Updateupdate92
OracleOpenjdk Version20
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.25
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secalert_us@oracle.com 3.7 2.2 1.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N