Vulnerability in Oracle Secure Global Desktop Affects Oracle Virtualization
CVE-2021-35650

4.6MEDIUM

Key Information:

Vendor: Oracle
Status: Secure Global Desktop
Vendor: CVE Published:; 20 October 2021

Summary

A vulnerability exists in Oracle Secure Global Desktop within Oracle Virtualization that allows low privileged attackers with network access through various protocols to compromise the system. Successful exploitation requires human interaction from a user outside of the attacker's control. This vulnerability can lead to unauthorized access to certain data and may permit a partial denial of service, disrupting the operations of the Oracle Secure Global Desktop.

Affected Version(s)

Secure Global Desktop 5.6

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021