Vulnerability in Oracle Secure Global Desktop by Oracle affecting virtualization environments
CVE-2021-2177

10CRITICAL

Key Information:

Vendor: Oracle
Status: Secure Global Desktop
Vendor: CVE Published:; 22 April 2021

What is CVE-2021-2177?

The vulnerability in Oracle Secure Global Desktop allows unauthenticated attackers to gain network access, potentially leading to a complete system compromise. This presents a significant risk as successful exploitation can impact additional interconnected products within the Oracle virtualization ecosystem, thereby expanding the attack surface. Promptly addressing this vulnerability is critical to maintaining the integrity and security of affected installations.

Affected Version(s)

Secure Global Desktop 5.6

References

https://www.oracle.com/security-alerts/cpuapr2021.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Dec 9, 2020