CVE-2023-22067 is a medium-severity vulnerability in the CORBA component of Oracle Java SE and Oracle GraalVM Enterprise Edition. The affected supported versions are Oracle Java SE 8u381 and 8u381-perf, and Oracle GraalVM Enterprise Edition 20.3.11 and 21.3.7. The vulnerability allows an unauthenticated attacker with network access via CORBA to compromise the affected systems.
Successful exploitation of this vulnerability could lead to unauthorized update, insertion, or deletion of some accessible data within Oracle Java SE and Oracle GraalVM Enterprise Edition. The attack does not require user interaction, and the vulnerability can be exploited by supplying data to APIs in the specified component without the need for untrusted Java Web Start applications or untrusted Java applets.
The CVSS 3.1 base score for this vulnerability is 5.3, which is a medium severity level. The CVSS vector specifies network access, low attack complexity, no required privileges and no user interaction. Organizations should prioritize patching immediately to mitigate the risks associated with this vulnerability.
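To decide where to patch first, the check below classifies captured `java -version` output against the versions listed above. It is an added example, not Oracle's tooling: the host names and banner strings are constructed samples, the `-perf` suffix in the banner is an assumption, and a runtime that is not flagged is only absent from this page's list, not confirmed unaffected.

```python
import re

# Affected versions exactly as listed in the advisory text.
AFFECTED = {
    "Java SE": {"8u381", "8u381-perf"},
    "GraalVM EE": {"20.3.11", "21.3.7"},
}

BANNER = re.compile(r'^(java|openjdk) version "([^"]+)"', re.M)
GRAALVM_EE = re.compile(r"GraalVM EE (\d+\.\d+\.\d+)")
LEGACY = re.compile(r"1\.(\d+)\.0_(\d+)(-perf)?")  # "-perf" form is an assumption


def normalise(raw):
    """Map the legacy '1.8.0_381' form to the advisory's '8u381' notation."""
    m = LEGACY.fullmatch(raw)
    return f"{m.group(1)}u{m.group(2)}{m.group(3) or ''}" if m else raw


def classify(output):
    """Return (product, version, listed) for one `java -version` capture."""
    graal = GRAALVM_EE.search(output)
    if graal:  # GraalVM EE banners also carry a JDK version; the GraalVM one decides
        product, version = "GraalVM EE", graal.group(1)
    else:
        banner = BANNER.search(output)
        if not banner:
            return (None, None, False)
        product = "Java SE" if banner.group(1) == "java" else "OpenJDK"
        version = normalise(banner.group(2))
    return (product, version, version in AFFECTED.get(product, set()))


# Constructed sample captures (hypothetical hosts), not real inventory data.
SAMPLES = {
    "app01": 'java version "1.8.0_381"\nJava(TM) SE Runtime Environment (build 1.8.0_381-b09)',
    "app02": 'java version "1.8.0_999"\nJava(TM) SE Runtime Environment (build 1.8.0_999-b01)',
    "svc01": 'java version "11.0.20" 2023-07-18 LTS\n'
             'Java(TM) SE Runtime Environment GraalVM EE 21.3.7 (build 11.0.20+9-LTS-jvmci-21.3-b33)',
    "svc02": 'openjdk version "17.0.8" 2023-07-18\nOpenJDK Runtime Environment (build 17.0.8+7)',
}


def listed_hosts(captures):
    """Hosts whose runtime matches a version the advisory lists."""
    return sorted(h for h, out in captures.items() if classify(out)[2])


if __name__ == "__main__":
    for host, out in SAMPLES.items():
        print(host, classify(out))
```

`java -version` writes to stderr, so collect it with `java -version 2>&1` when building the input.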
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
