Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-35650
HistoryOct 20, 2021 - 11:17 a.m.

CVE-2021-35650

2021-10-2011:17:19
[email protected]
web.nvd.nist.gov
20
oracle
secure global desktop
vulnerability
cve-2021-35650
oracle virtualization
exploitable
network access
partial dos
cvss

4.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

3.7 Low

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:N/A:P

0.001 Low

EPSS

Percentile

21.1%

JSON

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Secure Global Desktop accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Secure Global Desktop. CVSS 3.1 Base Score 4.6 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L).

Affected configurations

Vulners
NVD
Node
oraclesecure_global_desktopRange5.6
VendorProductVersionCPE
oraclesecure_global_desktop*cpe:2.3:a:oracle:secure_global_desktop:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Secure Global Desktop",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "5.6"
      }
    ]
  }
]

Related

cnvd 1
cvelist 1
prion 1
nvd 1
oracle 1
cnvd
cnvd
Oracle Secure Global Desktop Unauthorized Access Vulnerability
2021-10-20 00:00:00
cvelist
cvelist
CVE-2021-35650
2021-10-20 10:51:28
prion
prion
Design/Logic Flaw
2021-10-20 11:17:00
nvd
nvd
CVE-2021-35650
2021-10-20 11:17:19
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00

4.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

3.7 Low

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:N/A:P

0.001 Low

EPSS

Percentile

21.1%

JSON
Related for CVE-2021-35650
cnvd1cvelist1prion1nvd1oracle1