What is CVE-2021-35564?

A medium-severity vulnerability in Oracle GraalVM and Java SE allows unauthenticated attackers to compromise accessible data. Organizations should prioritize remediation.

What is the severity of CVE-2021-35564?

CVE-2021-35564 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2021-35564 | Medium Vulnerability in Oracle GraalVM and Java SE

CVE-2021-35564 is a medium-severity vulnerability affecting Oracle's GraalVM and Java SE products, specifically the Keytool component. The vulnerability has a CVSS score of 5.3, indicating a moderate level of risk for organizations utilizing these technologies. It allows an unauthenticated attacker with network access through multiple protocols to compromise the Java SE and GraalVM environments. Successful exploitation can lead to unauthorized updates, insertions, or deletions of accessible data.

This vulnerability primarily impacts Java deployments in environments running sandboxed Java Web Start applications or Java applets, which load untrusted code from the internet and rely on the Java sandbox for security. Additionally, the vulnerability can be exploited through APIs in the specified component, such as through web services supplying data to these APIs.

The publication date of this vulnerability was October 20, 2021, and it has been categorized as modified since its initial disclosure. Organizations should assess their use of the affected versions, as timely remediation is essential to mitigate the risks associated with this vulnerability.

Given the nature of the exploitation and the potential for unauthorized access, organizations utilizing the affected Java SE and GraalVM versions must prioritize patching and remediation efforts immediately.

Vulnerability Details

The CVE-2021-35564 vulnerability is part of the Java SE and Oracle GraalVM Enterprise Edition product line. Supported affected versions include Java SE 7u311, 8u301, 11.0.12, and 17; Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0. The CVSS score of 5.3 reflects low integrity impact while indicating no confidentiality or availability impacts. The relevant CVSS vector is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

The vulnerability is classified as a medium-severity flaw that allows attackers to compromise the integrity of Java SE and GraalVM data. Attackers can exploit this flaw without needing authentication and without requiring user interaction, making it particularly concerning for organizations.

Technical Analysis

The root cause of CVE-2021-35564 lies in the handling of untrusted code within the Java environment. The attack vector is network-based, with low complexity, requiring no privileges for successful exploitation. User interaction is also not required for exploitation, which adds to the risk. The integrity impact is rated as low, indicating potential unauthorized changes to data or application states.

Risk & Impact Analysis

Risk to organizations includes unauthorized modifications to sensitive data and potential disruption of services relying on Java SE and GraalVM. The vulnerability's medium severity indicates that while the risk is not critical, it still requires prompt attention and remediation to prevent data loss or integrity issues. Given the CVSS score of 5.3, organizations should address this vulnerability in their priority patch cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions include Java SE 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Organizations using these versions should apply the necessary updates to mitigate risk.

Mitigation & Remediation

To remediate CVE-2021-35564, organizations should upgrade to the latest versions of Java SE and GraalVM as per the vendor's advisory: Oracle's security alert. Additionally, organizations should implement configuration hardening and monitoring controls to detect potential exploitation attempts.

Detection Guidance

Organizations should monitor logs for unusual access patterns or modifications to Java SE and GraalVM environments. Key indicators include unauthorized API calls or unexpected changes to application states, which may signal attempts to exploit this vulnerability.

AppSecure Threat Intelligence Insight

CVE-2021-35564 represents a significant risk due to its ability to be exploited without authentication and its potential for unauthorized data access. Security teams should leverage this incident to enhance their application security posture by reviewing their Java and GraalVM configurations, ensuring that all vulnerable versions are patched, and monitoring for similar vulnerabilities in their environments.

For organizations looking to strengthen their security measures, engaging in penetration testing can provide valuable insights into existing vulnerabilities and help in formulating a robust defense strategy.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-35564: Medium Vulnerability in Oracle GraalVM and Java SE