CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
69.8%
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of
Oracle Java SE (component: JSSE). Supported versions that are affected are
Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and
21.2.0. Easily exploitable vulnerability allows unauthenticated attacker
with network access via TLS to compromise Java SE, Oracle GraalVM
Enterprise Edition. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of
Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can
only be exploited by supplying data to APIs in the specified Component
without using Untrusted Java Web Start applications or Untrusted Java
applets, such as through a web service. CVSS 3.1 Base Score 5.3
(Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~18.04 | UNKNOWN |
ubuntu | 20.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~20.04 | UNKNOWN |
ubuntu | 21.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.04 | UNKNOWN |
ubuntu | 21.10 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~21.10 | UNKNOWN |
ubuntu | 16.04 | noarch | openjdk-8 | < 8u312-b07-0ubuntu1~16.04 | UNKNOWN |
ubuntu | 18.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~18.04 | UNKNOWN |
ubuntu | 20.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~20.04 | UNKNOWN |
ubuntu | 21.04 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~21.04 | UNKNOWN |
ubuntu | 21.10 | noarch | openjdk-lts | < 11.0.13+8-0ubuntu1~21.10 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
69.8%