Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
broadcomBroadcom Security ResponseBSNSA22454
HistoryAug 29, 2023 - 12:00 a.m.

Oracle Java SE Multiple Vulnerabilities (Jan 2023 CPU update) CVE-2023-21830 CVE-2023-21843 CVE-2023-21835

2023-08-2900:00:00
Broadcom Security Response
support.broadcom.com
16
oracle java se
oracle graalvm
vulnerabilities
january 2023
network access
unauthorized access
unauthorized update

EPSS

0.001

Percentile

47.2%

JSON

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory:

  • Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf;
    Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.
    (CVE-2023-21830)
  • Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1;
    Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.
    (CVE-2023-21835)
  • Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. (CVE-2023-21843)

Affected configurations

Vulners
Node
broadcombrocade_sannavMatch2.2.0
VendorProductVersionCPE
broadcombrocade_sannav2.2.0cpe:2.3:a:broadcom:brocade_sannav:2.2.0:*:*:*:*:*:*:*

Related

nessus 69
ibm 29
openvas 20
kaspersky 1
mageia 1
cloudlinux 1
osv 20
redhat 27
oraclelinux 8
ubuntu 2
centos 2
rocky 5
almalinux 4
fedora 7
amazon 2
altlinux 1
nessus
nessus
Azul Zulu Java Multiple Vulnerabilities (2023-01-17)
2023-01-17 00:00:00
Oracle Java SE Multiple Vulnerabilities (January 2023 CPU)
2023-01-19 00:00:00
IBM Java 7.1 < 7.1.5.17 / 8.0 < 8.0.8.0 Multiple Vulnerabilities
2023-04-14 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilies in Java affect IBM Robotic Process Automation for Cloud Pak which may result in a denial of service (CVE-2023-21830, CVE-2023-21835, CVE-2023-21843)
2023-03-23 21:33:55
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2023-21830, CVE-2023-21835, CVE-2023-21843]
2023-03-03 11:56:29
Security Bulletin: Vulnerabilities in Golang Go and Java SE might affect IBM Spectrum Copy Data Management (CVE-2022-41717, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843)
2023-03-16 18:03:55
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0037)
2023-03-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1850-1)
2023-04-17 00:00:00
CentOS: Security Advisory for java (CESA-2023:0203)
2023-01-31 00:00:00
kaspersky
kaspersky
KLA20166 Multiple vulnerabilities in Oracle Java SE and GraalVM
2023-01-17 00:00:00
mageia
mageia
Updated java/timezone packages fix security vulnerability
2023-02-07 03:06:39
cloudlinux
cloudlinux
java-1.8.0-openjdk: Fix of 2 CVEs
2023-02-09 23:37:32
osv
osv
Moderate: java-1.8.0-openjdk security and bug fix update
2023-01-26 00:00:00
Moderate: java-1.8.0-openjdk security and bug fix update
2023-01-26 15:49:43
Moderate: java-11-openjdk security and bug fix update
2023-01-18 00:00:00
redhat
redhat
(RHSA-2023:0210) Moderate: java-1.8.0-openjdk security and bug fix update
2023-01-26 15:49:43
(RHSA-2023:0206) Moderate: java-1.8.0-openjdk security update
2023-01-23 17:23:03
(RHSA-2023:0204) Moderate: java-1.8.0-openjdk security update
2023-01-23 15:13:39
oraclelinux
oraclelinux
java-1.8.0-openjdk security and bug fix update
2023-01-26 00:00:00
java-11-openjdk security and bug fix update
2023-01-18 00:00:00
java-1.8.0-openjdk security and bug fix update
2023-01-27 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2023-02-28 00:00:00
OpenJDK vulnerabilities
2023-02-28 00:00:00
centos
centos
java security update
2023-01-30 16:39:46
java security update
2023-01-30 16:38:47
rocky
rocky
java-1.8.0-openjdk security and bug fix update
2023-01-26 15:49:43
java-1.8.0-openjdk security and bug fix update
2023-01-26 20:49:48
java-11-openjdk security and bug fix update
2023-01-18 09:45:07
almalinux
almalinux
Moderate: java-1.8.0-openjdk security and bug fix update
2023-01-26 00:00:00
Moderate: java-17-openjdk security and bug fix update
2023-01-23 00:00:00
Moderate: java-1.8.0-openjdk security and bug fix update
2023-01-26 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: java-1.8.0-openjdk-1.8.0.362.b09-2.fc37
2023-02-05 01:47:41
[SECURITY] Fedora 36 Update: java-latest-openjdk-19.0.2.0.7-1.rolling.fc36
2023-02-05 01:54:13
[SECURITY] Fedora 37 Update: java-17-openjdk-17.0.6.0.10-1.fc37
2023-01-31 02:01:44
amazon
amazon
Medium: java-11-amazon-corretto
2023-01-18 00:17:00
Medium: java-17-amazon-corretto
2023-01-18 00:18:00
altlinux
altlinux
Security fix for the ALT Linux 10 package java-17-openjdk version 0:17.0.6.0.10-alt1
2023-02-15 00:00:00

EPSS

0.001

Percentile

47.2%

JSON
Related for BSNSA22454
nessus69ibm29openvas20kaspersky1mageia1cloudlinux1osv20redhat27oraclelinux8ubuntu2centos2rocky5almalinux4fedora7amazon2altlinux1