Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2021-35560
HistoryOct 20, 2021 - 12:00 a.m.

CVE-2021-35560

2021-10-2000:00:00
ubuntu.com
ubuntu.com
6

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.1%

JSON

Vulnerability in the Java SE product of Oracle Java SE (component:
Deployment). The supported version that is affected is Java SE: 8u301.
Difficult to exploit vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise Java SE. Successful
attacks require human interaction from a person other than the attacker.
Successful attacks of this vulnerability can result in takeover of Java SE.
Note: This vulnerability applies to Java deployments, typically in clients
running sandboxed Java Web Start applications or sandboxed Java applets,
that load and run untrusted code (e.g., code that comes from the internet)
and rely on the Java sandbox for security. This vulnerability does not
apply to Java deployments, typically in servers, that load and run only
trusted code (e.g., code installed by an administrator). CVSS 3.1 Base
Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

Notes

Author Note
sbeattie java 8 only, Deployments not included in openjdk, only Oracle Java.

Related

redhatcve 1
prion 1
cve 1
debiancve 1
cnvd 1
ibm 57
openvas 5
f5 1
nessus 8
redhat 2
aix 1
suse 1
kaspersky 1
photon 1
oracle 1
redhatcve
redhatcve
CVE-2021-35560
2021-11-30 14:52:48
prion
prion
Code injection
2021-10-20 11:16:00
cve
cve
CVE-2021-35560
2021-10-20 11:16:00
debiancve
debiancve
CVE-2021-35560
2021-10-20 11:16:00
cnvd
cnvd
Oracle Java SE Unauthorized Access Vulnerability
2021-10-20 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021
2022-02-28 23:37:22
Security Bulletin: Multiple security vulnerabilities have been identified in IBM® Java SDK that affect IBM Security Directory Suite - October 2021 CPU
2022-02-08 19:40:15
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU
2022-06-13 21:46:30
openvas
openvas
Oracle Java SE Security Update (oct2021) 01 - Windows
2021-10-25 00:00:00
Oracle Java SE Security Update (oct2021) 01 - Linux
2021-10-25 00:00:00
openSUSE: Security Advisory for java-1_8_0-ibm (openSUSE-SU-2022:0108-1)
2022-02-08 00:00:00
f5
f5
K63415246 : Multiple Java vulnerabilities CVE-2021-35560, CVE-2021-35561, CVE-2021-35564, CVE-2021-35567, CVE-2021-35586
2022-09-06 00:00:00
nessus
nessus
RHEL 8 : java-1.8.0-ibm (RHSA-2022:0345)
2022-02-01 00:00:00
RHEL 7 : java-1.8.0-ibm (RHSA-2021:5030)
2021-12-08 00:00:00
SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2022:0108-1)
2022-01-19 00:00:00
redhat
redhat
(RHSA-2022:0345) Important: java-1.8.0-ibm security update
2022-02-01 15:01:14
(RHSA-2021:5030) Important: java-1.8.0-ibm security update
2021-12-08 16:11:56
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2022-02-23 08:12:23
suse
suse
Security update for seamonkey (important)
2022-04-08 00:00:00
kaspersky
kaspersky
KLA12331 Multiple vulnerabilities in Oracle Java SE
2021-09-28 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0413
2023-06-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.1%

JSON
Related for UB:CVE-2021-35560
redhatcve1prion1cve1debiancve1cnvd1ibm57openvas5f51nessus8redhat2aix1suse1kaspersky1photon1oracle1