Oracle Secure Global Desktop Vulnerability in Oracle Virtualization
CVE-2021-2446

9.6CRITICAL

Key Information:

Vendor: Oracle
Status: Secure Global Desktop
Vendor: CVE Published:; 20 July 2021

What is CVE-2021-2446?

A vulnerability in Oracle Secure Global Desktop, part of Oracle's Virtualization suite, allows an unauthenticated attacker with network access to exploit the system. This issue requires user interaction for successful exploitation, which can lead to a complete takeover of the desktop environment. The ramifications extend beyond the Secure Global Desktop, potentially affecting other systems within the network.

Affected Version(s)

Secure Global Desktop 5.6

References

https://www.oracle.com/security-alerts/cpujul2021.html

x_refsource_MISC

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 20, 2021
Vulnerability Reserved
Dec 9, 2020