CVE-2023-21930

2023-04-1819:54:23

oracle

github.com

cve-2023-21930

security vulnerability

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.7

Confidence

High

EPSS

0.002

Percentile

53.5%

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:oracle:graalvm:21.3.5:*:*:*:enterprise:*:*:*",
      "cpe:2.3:a:oracle:graalvm:22.3.1:*:*:*:enterprise:*:*:*"
    ],
    "vendor": "oracle",
    "product": "graalvm",
    "versions": [
      {
        "status": "affected",
        "version": "21.3.5"
      },
      {
        "status": "affected",
        "version": "22.3.1"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:oracle:jdk:11.0.18:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jdk:17.0.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jdk:1.8.0:update361:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jdk:20:*:*:*:*:*:*:*"
    ],
    "vendor": "oracle",
    "product": "jdk",
    "versions": [
      {
        "status": "affected",
        "version": "11.0.18"
      },
      {
        "status": "affected",
        "version": "17.0.6"
      },
      {
        "status": "affected",
        "version": "1.8.0"
      },
      {
        "status": "affected",
        "version": "20"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:oracle:jre:11.0.18:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jre:17.0.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jre:1.8.0:update361:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:jre:20:*:*:*:*:*:*:*"
    ],
    "vendor": "oracle",
    "product": "jre",
    "versions": [
      {
        "status": "affected",
        "version": "11.0.18"
      },
      {
        "status": "affected",
        "version": "17.0.6"
      },
      {
        "status": "affected",
        "version": "1.8.0"
      },
      {
        "status": "affected",
        "version": "20"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*"
    ],
    "vendor": "netapp",
    "product": "oncommand_insight",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
      "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
      "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*"
    ],
    "vendor": "debian",
    "product": "debian_linux",
    "versions": [
      {
        "status": "affected",
        "version": "10.0"
      },
      {
        "status": "affected",
        "version": "11.0"
      },
      {
        "status": "affected",
        "version": "12.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]