Denial of Service Vulnerability in Oracle GraalVM Enterprise Edition
CVE-2019-2813

7.7HIGH

Key Information:

Vendor: Oracle
Status: Graalvm Enterprise Edition
Vendor: CVE Published:; 23 July 2019

What is CVE-2019-2813?

A vulnerability has been identified in the Oracle GraalVM Enterprise Edition component, specifically in version 19.0.0. This easily exploitable weakness allows an attacker with low privileges and network access to initiate attacks through multiple protocols. Successful exploitation of this vulnerability can lead to unauthorized actions that may cause the Oracle GraalVM Enterprise Edition to hang or crash frequently, resulting in a complete denial of service (DoS) condition. While primarily affecting GraalVM, the implications of this vulnerability may extend to other products linked to it.

Affected Version(s)

GraalVM Enterprise Edition 19.0.0

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018