Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-1989-1.NASL
HistoryJun 21, 2021 - 12:00 a.m.

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2021:1989-1)

2021-06-2100:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
55
suse sles15
vulnerability
java se
oracle graalvm
unauthorized access
network access

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

60.9%

JSON

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:1989-1 advisory.

  • Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16;
    Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2021-2163)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2021:1989-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(150890);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");

  script_cve_id("CVE-2021-2163");
  script_xref(name:"IAVA", value:"2021-A-0195");
  script_xref(name:"SuSE", value:"SUSE-SU-2021:1989-1");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2021:1989-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced
in the SUSE-SU-2021:1989-1 advisory.

  - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java
    SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16;
    Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to
    exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to
    compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human
    interaction from a person other than the attacker. Successful attacks of this vulnerability can result in
    unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded,
    Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments
    that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox
    for security. (CVE-2021-2163)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185055");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-2163");
  # https://lists.suse.com/pipermail/sle-security-updates/2021-June/009025.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cea74979");
  script_set_attribute(attribute:"solution", value:
"Update the affected java-1_8_0-openjdk, java-1_8_0-openjdk-demo, java-1_8_0-openjdk-devel and / or java-1_8_0-openjdk-
headless packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-2163");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/06/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15|SLES_SAP15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0|1|2|3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP0/1/2/3", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(0|1)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP0/1", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'java-1_8_0-openjdk-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-15.1']},
    {'reference':'java-1_8_0-openjdk-demo-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-15.1']},
    {'reference':'java-1_8_0-openjdk-devel-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-15.1']},
    {'reference':'java-1_8_0-openjdk-headless-1.8.0.292-3.52', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-15.1']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc');
}
VendorProductVersionCPE
novellsuse_linuxjava-1_8_0-openjdkp-cpe:/a:novell:suse_linux:java-1_8_0-openjdk
novellsuse_linuxjava-1_8_0-openjdk-demop-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo
novellsuse_linuxjava-1_8_0-openjdk-develp-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel
novellsuse_linuxjava-1_8_0-openjdk-headlessp-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless
novellsuse_linux15cpe:/o:novell:suse_linux:15

Related

oraclelinux 4
redhat 16
nessus 49
openvas 32
osv 4
ibm 60
veracode 1
redhatcve 1
debiancve 1
ubuntucve 1
almalinux 2
nvd 1
amazon 1
cvelist 1
prion 1
cve 1
ubuntu 1
alpinelinux 1
f5 1
centos 2
suse 7
fedora 6
debian 1
kaspersky 1
mageia 1
rosalinux 1
aix 1
oraclelinux
oraclelinux
java-11-openjdk security update
2021-04-21 00:00:00
java-1.8.0-openjdk security update
2021-04-21 00:00:00
java-1.8.0-openjdk security update
2021-04-21 00:00:00
redhat
redhat
(RHSA-2022:6755) Moderate: java-1.7.1-ibm security update
2022-09-29 15:03:21
(RHSA-2021:1444) Moderate: OpenJDK 8u292 Security Update for Portable Linux Builds
2021-04-28 12:29:11
(RHSA-2021:1299) Moderate: java-1.8.0-openjdk security update
2021-04-20 20:57:45
nessus
nessus
RHEL 8 : java-1.8.0-openjdk (RHSA-2021:1299)
2021-04-21 00:00:00
RHEL 8 : java-11-openjdk (RHSA-2021:1305)
2021-04-29 00:00:00
RHEL 8 : java-11-openjdk (RHSA-2021:1306)
2021-04-21 00:00:00
openvas
openvas
CentOS: Security Advisory for java-11-openjdk (CESA-2021:1297)
2021-05-01 00:00:00
Ubuntu: Security Advisory (USN-4892-1)
2021-04-30 00:00:00
CentOS: Security Advisory for java (CESA-2021:1298)
2021-05-01 00:00:00
osv
osv
openjdk-8 - security update
2021-04-23 00:00:00
openjdk-8, openjdk-lts vulnerability
2021-04-27 16:49:59
openjdk-11 - security update
2021-04-23 00:00:00
ibm
ibm
Security Bulletin: The IBM® Engineering Lifecycle Engineering products are vulnerable to CVE-2021-2163
2022-12-26 10:55:50
Security Bulletin: IBM Sterling Control Center is vulnerable to unauthenticated data manipulation due to Java SE (CVE-2021-2163)
2022-11-23 21:30:11
Security Bulletin: A security vulnerability has been identified in IBM Java SDK affecting WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2021-2163)
2022-09-15 11:45:52
veracode
veracode
Authorization Bypass
2021-04-24 22:10:55
redhatcve
redhatcve
CVE-2021-2163
2021-04-20 20:43:56
debiancve
debiancve
CVE-2021-2163
2021-04-22 22:15:13
ubuntucve
ubuntucve
CVE-2021-2163
2021-04-20 00:00:00
almalinux
almalinux
Moderate: java-11-openjdk security update
2021-04-20 21:33:58
Moderate: java-1.8.0-openjdk security update
2021-04-20 20:58:47
nvd
nvd
CVE-2021-2163
2021-04-22 22:15:13
amazon
amazon
Medium: java-1.8.0-openjdk
2021-07-08 18:38:00
cvelist
cvelist
CVE-2021-2163
2021-04-22 21:53:46
prion
prion
Design/Logic Flaw
2021-04-22 22:15:00
cve
cve
CVE-2021-2163
2021-04-22 22:15:13
ubuntu
ubuntu
OpenJDK vulnerability
2021-04-27 00:00:00
alpinelinux
alpinelinux
CVE-2021-2163
2021-04-22 22:15:13
f5
f5
K71522481 : Java vulnerability CVE-2021-2163
2022-12-06 00:00:00
centos
centos
java security update
2021-04-29 17:55:30
java security update
2021-04-29 17:56:29
suse
suse
Security update for java-1_8_0-openjdk (moderate)
2021-07-11 00:00:00
Security update for java-11-openjdk (important)
2021-05-14 00:00:00
Security update for java-1_8_0-openjdk (moderate)
2021-06-28 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: java-1.8.0-openjdk-1.8.0.292.b10-0.fc32
2021-04-30 01:07:06
[SECURITY] Fedora 33 Update: java-11-openjdk-11.0.11.0.9-0.fc33
2021-04-24 18:07:10
[SECURITY] Fedora 33 Update: java-1.8.0-openjdk-1.8.0.292.b10-0.fc33
2021-04-29 19:05:32
debian
debian
[SECURITY] [DLA 2634-1] openjdk-8 security update
2021-04-23 11:31:18
kaspersky
kaspersky
KLA12159 Multiple vulnerabilities in Oracle Java SE
2021-04-20 00:00:00
mageia
mageia
Updated java-openjdk packages fix security vulnerabilities
2021-06-29 01:51:23
rosalinux
rosalinux
Advisory ROSA-SA-2023-2133
2023-03-21 12:31:42
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2022-12-22 10:09:37

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

60.9%

JSON
Related for SUSE_SU-2021-1989-1.NASL
oraclelinux4redhat16nessus49openvas32osv4ibm60veracode1redhatcve1debiancve1ubuntucve1almalinux2nvd1amazon1cvelist1prion1cve1ubuntu1alpinelinux1f51centos2suse7fedora6debian1kaspersky1mageia1rosalinux1aix1