Denial of Service Vulnerability in Oracle GraalVM Enterprise Edition
CVE-2019-2813
7.7HIGH
Summary
A vulnerability has been identified in the Oracle GraalVM Enterprise Edition component, specifically in version 19.0.0. This easily exploitable weakness allows an attacker with low privileges and network access to initiate attacks through multiple protocols. Successful exploitation of this vulnerability can lead to unauthorized actions that may cause the Oracle GraalVM Enterprise Edition to hang or crash frequently, resulting in a complete denial of service (DoS) condition. While primarily affecting GraalVM, the implications of this vulnerability may extend to other products linked to it.
Affected Version(s)
GraalVM Enterprise Edition 19.0.0
References
CVSS V3.1
Score:
7.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved