5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
49.7%
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of
Oracle Java SE (component: JSSE). Supported versions that are affected are
Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3
and 21.2.0. Easily exploitable vulnerability allows unauthenticated
attacker with network access via TLS to compromise Java SE, Oracle GraalVM
Enterprise Edition. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of
Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can
only be exploited by supplying data to APIs in the specified Component
without using Untrusted Java Web Start applications or Untrusted Java
applets, such as through a web service. CVSS 3.1 Base Score 5.3
(Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~18.04 | UNKNOWN |
ubuntu | 20.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~20.04 | UNKNOWN |
ubuntu | 21.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.04 | UNKNOWN |
ubuntu | 21.10 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.10 | UNKNOWN |
ubuntu | 16.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~16.04) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 18.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~18.04 | UNKNOWN |
ubuntu | 20.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~20.04 | UNKNOWN |
ubuntu | 21.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~21.04 | UNKNOWN |
ubuntu | 21.10 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~21.10 | UNKNOWN |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
49.7%