CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
32.9%
Oracle Java SE is vulnerable to Unauthorized Data Access. The vulnerability is due to the lack of proper authentication measures and due to running untrusted code that rely on Java sandbox for security. This results in unauthorized creation, deletion, or modification access to critical data or all Oracle Java SE accessible data. This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets.