7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
42.5%
Software: java-11-openjdk 11.0.19.0.7
OS: rosa-server79
package_evr_string: java-11-openjdk-11.0.19.0.7-1.res7
CVE-ID: CVE-2023-21930
BDU-ID: 2023-02179
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine is related to a lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or create, delete, or modify access to data
CVE-STATUS: Resolved
CVE-REV: Run yum update java-11-openjdk to close.
CVE-ID: CVE-2023-21937
BDU-ID: 2023-02495
CVE-Crit: LOW
CVE-DESC.: A vulnerability in the Networking component of the Networking component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate the data
CVE-STATUS: Resolved
CVE-REV: Run yum update java-11-openjdk to close.
CVE-ID: CVE-2023-21938
BDU-ID: 2023-02496
CVE-Crit: LOW
CVE-DESC.: A vulnerability exists in the Libraries component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to modify, add, or delete data
CVE-STATUS: Resolved
CVE-REV: Run the yum update java-11-openjdk command to close.
CVE-ID: CVE-2023-21939
BDU-ID: 2023-02497
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Swing component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate data
CVE-STATUS: Resolved
CVE-REV: Run yum update java-11-openjdk to close.
CVE-ID: CVE-2023-21954
BDU-ID: 2023-02501
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information
CVE-STATUS: Resolved
CVE-REV: Run yum update java-11-openjdk to close.
CVE-ID: CVE-2023-21967
BDU-ID: 2023-02504
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability exists in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: Run the yum update java-11-openjdk command to close.
CVE-ID: CVE-2023-21968
BDU-ID: 2023-02505
CVE-Crit: LOW
CVE-DESC.: A vulnerability exists in the Libraries component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to modify, add, or delete data
CVE-STATUS: Resolved
CVE-REV: Run the yum update java-11-openjdk command to close.
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
42.5%