CVE-2023-22025

Published: 17/10/2023 Updated: 01/02/2024
CVSS v3 Base Score: 3.7 | Impact Score: 1.4 | Exploitability Score: 2.2
VMScore: 0

Vulnerability Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

Vulnerable Product

oracle graalvm for jdk 17.0.8

oracle graalvm for jdk 21

oracle jdk 21.0.0

oracle jre 21.0.0

oracle jdk 17.0.8

oracle jre 17.0.8

oracle jdk 1.8.0

oracle jre 1.8.0

netapp cloud insights acquisition unit -

netapp cloud insights storage workload security agent -

Vendor Advisories

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service. For the oldstable distribution (bullseye), these problems have been fixed in version 1709+9-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 1709+9-1~deb12u1. We recommend that you upgrade ...
Synopsis: Important: Cryostat security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Cryostat 2 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available ...
Synopsis: Moderate: java-17-openjdk security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for java-17-openjdk is now available for Red Hat Enterprise Linux 90 Extended Update Support. Red Hat ...
Synopsis: Moderate: java-17-openjdk security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rate ...
Synopsis: Moderate: java-17-openjdk security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for java-17-openjdk is now available for Red Hat Enterprise Linux 86 Extended Update Support. Red Hat ...
Synopsis: Important: Release of OpenShift Serverless 1302. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Serverless version 1302 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit ...
Synopsis: Important: Updated Red Hat Process Automation Manager 7134 SP2 Images. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat Process Automation Manager including images for Red Hat OpenShift Container Platform. Description: Red Hat Process Automation Manager is an open source business process manag ...
Synopsis: Moderate: java-17-openjdk security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rate ...
Synopsis: Moderate: OpenJDK 1709 Security Update for Windows Builds. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled (CVE-2023-22025). Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11020, 1708, 2002; Oracle GraalVM for JDK: 1708 and 2002. Easily exploitable ...
Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center: CVE-2023-22025, CVE-2023-22067, CVE-2023-22081. Affected products and versions are listed below. Please upgrade your version to the appropriate version, or ...
Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2023-22025, CVE-2023-22067, CVE-2023-22081. Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Developer's Kit for Java(TM) and Hi ...