Rewterz Threat Advisory – Multiple Oracle Database Server Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle WebLogic SERVER Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle Database Server Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle WebLogic SERVER Vulnerabilities
October 20, 2023Severity
Medium
Analysis Summary
CVE-2023-22100 CVSS:7.9
An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to cause high confidentiality impact, no integrity impact, and high availability impact.
CVE-2023-22099 CVSS:7.3
An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to cause low confidentiality impact, low integrity impact, and high availability impact.
CVE-2023-22098 CVSS:7.3
An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to cause low confidentiality impact, low integrity impact, and high availability impact.
CVE-2023-22067 CVSS:5.3
An unspecified vulnerability in Oracle Java SE related to the CORBA component could allow a remote attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVE-2023-22081 CVSS:5.3
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact, and low availability impact.
CVE-2023-22025 CVSS:3.7
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK related to the Hotspot component could allow a remote attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVE-2023-22091 CVSS:4.8
An unspecified vulnerability in Oracle GraalVM for JDK product of Oracle Java SE related to the Compiler component could allow a remote attacker to cause low confidentiality impact, low integrity impact, and no availability impact.
Impact
- Denial of Service
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-22100
- CVE-2023-22099
- CVE-2023-22098
- CVE-2023-22067
- CVE-2023-22081
- CVE-2023-22025
- CVE-2023-22091
Affected Vendors
Oracle
Affected Products
- Oracle VM VirtualBox 7.0.10
- Oracle Java SE 8u381
- Oracle GraalVM for JDK 17.0.8
- Oracle GraalVM for JDK 20.0.2
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.