7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.2%
04/19/2022
High
Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, cause denial of service, obtain sensitive information.
Oracle VirtualBox earlier than 6.1.34
Update to the latest version
Download VirtualBox
Oracle Critical Patch Update Advisory – April 2022
OSI
CVE-2022-214917.8Critical
CVE-2022-214883.8Warning
CVE-2022-214656.7High
CVE-2022-214873.8Warning
CVE-2022-214716.5High
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21465
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21487
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21488
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21491
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-VirtualBox/
www.oracle.com/security-alerts/cpuapr2022.html#AppendixOVIR
www.virtualbox.org/wiki/Downloads
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
AI Score
Confidence
Low
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.2%