Vulnerability in Oracle Secure Global Desktop by Oracle affecting virtualization environments
CVE-2021-2177

10CRITICAL

Key Information:

Vendor
Oracle
Status
Secure Global Desktop
Vendor
CVE Published:
22 April 2021

Summary

The vulnerability in Oracle Secure Global Desktop allows unauthenticated attackers to gain network access, potentially leading to a complete system compromise. This presents a significant risk as successful exploitation can impact additional interconnected products within the Oracle virtualization ecosystem, thereby expanding the attack surface. Promptly addressing this vulnerability is critical to maintaining the integrity and security of affected installations.

Affected Version(s)

Secure Global Desktop 5.6

References

https://www.oracle.com/security-alerts/cpuapr2021.html
x_refsource_MISC

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.