Vulnerability in Oracle Secure Global Desktop Affects Oracle Virtualization
CVE-2021-2447

9.9CRITICAL

Key Information:

Vendor: Oracle
Status: Secure Global Desktop
Vendor: CVE Published:; 20 July 2021

What is CVE-2021-2447?

A vulnerability in Oracle Secure Global Desktop allows low-privileged attackers with network access to exploit the system through various protocols. This vulnerability can lead to unauthorized takeover of the Oracle Secure Global Desktop, potentially compromising confidentiality, integrity, and availability. Exploits may have broader implications on associated Oracle virtualization products, making it crucial for users to apply recommended security measures promptly.

Affected Version(s)

Secure Global Desktop 5.6

References

https://www.oracle.com/security-alerts/cpujul2021.html

x_refsource_MISC

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 20, 2021
Vulnerability Reserved
Dec 9, 2020