Lucene search

K
cvelistOracleCVELIST:CVE-2024-20952
HistoryJan 16, 2024 - 9:41 p.m.

CVE-2024-20952

2024-01-1621:41:20
oracle
www.cve.org
4
cve-2024-20952
security
vulnerability

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

34.2%

CNA Affected

[
  {
    "vendor": "Oracle Corporation",
    "product": "Java SE JDK and JRE",
    "versions": [
      {
        "version": "Oracle Java SE:8u391",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:8u391-perf",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:11.0.21",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:17.0.9",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:21.0.1",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:17.0.9",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:21.0.1",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:20.3.12",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:21.3.8",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:22.3.4",
        "status": "affected"
      }
    ]
  }
]

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

34.2%