Unauthenticated Access Vulnerability in Oracle Java SE and GraalVM
CVE-2023-22067

5.3MEDIUM

Key Information:

Vendor: Oracle
Status: Java Se Jdk And Jre
Vendor: CVE Published:; 17 October 2023

What is CVE-2023-22067?

A vulnerability in Oracle Java SE and Oracle GraalVM Enterprise Edition allows unauthenticated attackers with network access via CORBA to compromise sensitive data. The flaw can be exploited by sending crafted data to APIs within the CORBA component, potentially leading to unauthorized modifications (insert, update, delete) of accessible data in the affected product versions. No trusted Java Web Start applications or applets are required for exploitation, underscoring the seriousness of this vulnerability for users and organizations relying on these platforms.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Java SE JDK and JRE Oracle Java SE:8u381

Java SE JDK and JRE Oracle Java SE:8u381-perf

Java SE JDK and JRE Oracle GraalVM Enterprise Edition:20.3.11

References

https://www.oracle.com/security-alerts/cpuoct2023.html

vendor-advisory

https://security.netapp.com/advisory/ntap-20231027-0006/

https://www.debian.org/security/2023/dsa-5537

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2023
Vulnerability Reserved
Dec 17, 2022

JSON

Oracle

What is CVE-2023-22067?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.