CVE-2022-21271

🗓️ 19 Jan 2022 11:22:48Reported by oracleType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 255 Views

Vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition product. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks can result in unauthorized ability to cause a partial denial of service

Reporter	Title	Published	Views	Family All 77
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to an unspecified vulnerability in Java SE ( CVE-2022-21271)	7 May 202221:28	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Java SE is vulnerable to CVE-2022-21271 used in IBM Maximo Application Suite - Monitor Component	4 May 202318:54	–	ibm
IBM Security Bulletins	Security Bulletin: PyTorch is vulnerable to CVE-2022-45907 used in IBM Maximo Application Suite - Monitor Component	17 May 202319:00	–	ibm
ATTACKERKB	CVE-2022-21271	19 Jan 202212:15	–	attackerkb
AlpineLinux	CVE-2022-21271	19 Jan 202211:22	–	alpinelinux
Broadcom	BSA-2022-2016	14 Jul 202200:00	–	broadcom
CBLMariner	CVE-2022-21271 affecting package openjdk8 1.8.0.292-1	10 Mar 202223:47	–	cbl_mariner
Chainguard	CVE-2022-21271 vulnerabilities	23 Aug 202514:16	–	cgr
CNNVD	Oracle Solaris 输入验证错误漏洞	18 Jan 202200:00	–	cnnvd
CNVD	Oracle Solaris Input Validation Error Vulnerability	24 Jan 202200:00	–	cnvd

NVD

Node

oracle graalvmMatch20.3.4enterprise

oracle graalvmMatch21.3.0enterprise

oracle http_serverMatch12.2.1.3.0

oracle http_serverMatch12.2.1.4.0

oracle jdkMatch1.7.0update321

oracle jdkMatch1.8.0update311

oracle jdkMatch11.0.13

oracle jreMatch1.7.0update321

oracle jreMatch1.8.0update311

oracle jreMatch11.0.13

oracle zfs_storage_appliance_kitMatch8.8

oracle solarisMatch11

Node

netapp 7-mode_transition_toolMatch-

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp cloud_insights_acquisition_unitMatch-

netapp cloud_secure_agentMatch-

netapp e-series_santricity_os_controllerRange11.0.0–11.70.1

netapp e-series_santricity_storage_managerMatch-

netapp e-series_santricity_web_servicesMatch-web_services_proxy

netapp hci_management_nodeMatch-

netapp oncommand_insightMatch-

netapp oncommand_workflow_automationMatch-

netapp santricity_unified_managerMatch-

netapp snapmanagerMatch-oracle

netapp snapmanagerMatch-sap

netapp solidfireMatch-

[
  {
    "product": "Solaris Operating System",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "11"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20220121-0007/
security	www.security.gentoo.org/glsa/202209-05
oracle	www.oracle.com/security-alerts/cpujan2022.html
oracle	www.oracle.com/security-alerts/cpuapr2022.html

21 Nov 2024 06:44Current

4.6Medium risk

Vulners AI Score4.6

CVSS 25

CVSS 3.15.3

EPSS0.01653

SSVC