Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310832791HistoryJan 17, 2024 - 12:00 a.m.
Oracle Java SE Security Update (jan2024) 01 - Linux
2024-01-1700:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
3
oracle java se
unspecified vulnerability
update
linux
remote attacker
unauthorized access
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.7%
Oracle Java SE is prone to an unspecified
vulnerability.
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.832791");
script_version("2024-01-24T05:06:24+0000");
script_cve_id("CVE-2024-20932");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:C/A:N");
script_tag(name:"last_modification", value:"2024-01-24 05:06:24 +0000 (Wed, 24 Jan 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-01-16 23:12:00 +0000 (Tue, 16 Jan 2024)");
script_tag(name:"creation_date", value:"2024-01-17 11:19:29 +0530 (Wed, 17 Jan 2024)");
script_name("Oracle Java SE Security Update (jan2024) 01 - Linux");
script_tag(name:"summary", value:"Oracle Java SE is prone to an unspecified
vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"The flaw exists due to an unspecified
vulnerability in Oracle Java SE.");
script_tag(name:"impact", value:"Successful exploitation will allow remote
attacker to compromise Oracle Java SE, which can result in unauthorized update,
insert or delete access to critical data or all Oracle Java SE.");
script_tag(name:"affected", value:"Oracle Java SE version 17.0.9 and earlier
on Linux.");
script_tag(name:"solution", value:"The vendor has released updates. Please
see the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"https://www.oracle.com/security-alerts/cpujan2024.html#AppendixJAVA");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("General");
script_dependencies("gb_java_prdts_detect_lin.nasl");
script_mandatory_keys("Oracle/Java/JDK_or_JRE/Linux/detected");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
CPE = "cpe:/a:oracle:jre";
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(version_in_range(version:vers, test_version:"17.0", test_version2:"17.0.9")) {
report = report_fixed_ver(installed_version:vers, fixed_version: "Apply patch provided by the vendor", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(0);
Related
ubuntucve
ubuntucve
CVE-2024-20932
2024-01-16 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20932)
2024-05-08 14:34:18
veracode
veracode
Improper Access Control
2024-01-30 18:27:55
alpinelinux
alpinelinux
CVE-2024-20932
2024-01-16 22:15:40
cve
cve
CVE-2024-20932
2024-01-16 22:15:40
openvas
openvas
Oracle Java SE Security Update (jan2024) 01 - Windows
2024-01-17 00:00:00
Oracle OpenJDK 17.x Vulnerability (Jan 2024)
2024-01-17 00:00:00
openSUSE: Security Advisory for java (SUSE-SU-2024:0325-1)
2024-03-04 00:00:00
nvd
nvd
CVE-2024-20932
2024-01-16 22:15:40
debiancve
debiancve
CVE-2024-20932
2024-01-16 22:15:40
prion
prion
Design/Logic Flaw
2024-01-16 22:15:00
osv
osv
CVE-2024-20932
2024-01-16 22:15:40
openjdk-17 vulnerabilities
2024-02-27 02:04:18
Important: java-17-openjdk security and bug fix update
2024-01-17 00:00:00
cvelist
cvelist
CVE-2024-20932
2024-01-16 21:41:17
redhatcve
redhatcve
CVE-2024-20932
2024-01-17 09:13:59
f5
f5
redhat
redhat
(RHSA-2024:0244) Important: java-17-openjdk security and bug fix update
2024-01-17 16:43:36
(RHSA-2024:0246) Important: OpenJDK 17.0.10 security update
2024-01-17 14:04:02
(RHSA-2024:0267) Important: java-17-openjdk security and bug fix update
2024-01-17 16:46:29
nessus
nessus
RHEL 9 : java-17-openjdk (RHSA-2024:0244)
2024-01-17 00:00:00
AlmaLinux 9 : java-17-openjdk (ALSA-2024:0267)
2024-01-20 00:00:00
Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-0267)
2024-01-22 00:00:00
ubuntu
ubuntu
OpenJDK 17 vulnerabilities
2024-02-27 00:00:00
oraclelinux
oraclelinux
java-17-openjdk security and bug fix update
2024-01-22 00:00:00
almalinux
almalinux
Important: java-17-openjdk security and bug fix update
2024-01-17 00:00:00
debian
debian
[SECURITY] [DSA 5613-1] openjdk-17 security update
2024-02-01 22:40:03
mageia
mageia
Updated java-17-openjdk packages fix security vulnerabilities
2024-03-14 02:14:37
amazon
amazon
Important: java-17-amazon-corretto
2024-01-17 00:55:00
kaspersky
kaspersky
KLA63108 Multiple vulnerabilities in Oracle Java SE and GraalVM
2024-01-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.7%
Related for OPENVAS:1361412562310832791