Lucene search

K

Veracode Vulnerability DatabaseVERACODE:44522

HistoryNov 30, 2023 - 8:28 p.m.

Information Disclosure

2023-11-3020:28:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

openjdk

vulnerability

disclosure

unauthorized access

sensitive information

network access

multiple protocols

CVSS3

3.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

24.7%

openjdk is vulnerable to Information Disclosure. An unathenticated attacker with network access via multiple protocols is able to potentially compromise the system and gain unauthorized access, resulting in disclosure of sensitive information.

References

secdb.alpinelinux.org/edge/community.yaml

secdb.alpinelinux.org/v3.16/community.yaml

secdb.alpinelinux.org/v3.17/community.yaml

secdb.alpinelinux.org/v3.18/community.yaml

security.netapp.com/advisory/ntap-20230725-0006/

www.debian.org/security/2023/dsa-5458

www.oracle.com/security-alerts/cpujul2023.html

CVSS3

3.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

24.7%

Related for VERACODE:44522

nvd1 prion1 debiancve1 ibm3 cvelist1 openvas14 f51 alpinelinux1 vulnrichment1 cve1 osv8 ubuntucve1 redhatcve1 debian1 nessus24 almalinux2 ubuntu3 redhat9 oraclelinux2 gentoo1 amazon1 kaspersky1 mageia1 oracle1