Lucene search

K

Veracode Vulnerability DatabaseVERACODE:31224

HistoryJul 16, 2021 - 12:12 p.m.

Privilege Escalation

2021-07-1612:12:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

openjdk7 is vulnerable to privilege escalation. An attacker is able to have unauthorised creation, deletion or modification access to critical data of the system.

CPENameOperatorVersion
openjdk7:edgeeq7.221.2.6.18-r2
openjdk7:edgeeq7.221.2.6.18-r0
openjdk7:edgeeq7.281.2.6.24-r0
openjdk7:edgeeq7.291.2.6.25-r0
openjdk7:edgeeq7.281.2.6.24-r1
openjdk7:edgeeq7.221.2.6.18-r1
openjdk7:3.14eq7.281.2.6.24-r1
openjdk7:edgeeq7.221.2.6.18-r2
openjdk7:edgeeq7.221.2.6.18-r0
openjdk7:edgeeq7.281.2.6.24-r0

Rows per page:

1-10 of 141

References

docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures

kc.mcafee.com/corporate/index?page=content&id=SB10366

lists.debian.org/debian-lts-announce/2021/04/msg00021.html

lists.fedoraproject.org/archives/list/[email protected]/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/

lists.fedoraproject.org/archives/list/[email protected]/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/

lists.fedoraproject.org/archives/list/[email protected]/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/

lists.fedoraproject.org/archives/list/[email protected]/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/

lists.fedoraproject.org/archives/list/[email protected]/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/

lists.fedoraproject.org/archives/list/[email protected]/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/

secdb.alpinelinux.org/edge/community.yaml

security.netapp.com/advisory/ntap-20210513-0001/

www.debian.org/security/2021/dsa-4899

www.oracle.com/security-alerts/cpuapr2021.html

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for VERACODE:31224

ibm55 cnvd1 prion1 alpinelinux1 f51 cve1 redhatcve1 debian2 debiancve1 ubuntucve1 nessus33 openvas30 fedora6 mageia1 redhat2 suse9 kaspersky1 rosalinux1 gentoo1 cloudlinux1 altlinux1 photon1 oracle1