Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability
January 23, 2023Rewterz Threat Advisory – Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities
January 23, 2023Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability
January 23, 2023Rewterz Threat Advisory – Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities
January 23, 2023Severity
Medium
Analysis Summary
CVE-2023-21885 CVSS:3.8
An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVE-2023-21899 CVSS:5.5
An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
Impact
- Denial of Service
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-21885
- CVE-2023-21899
Affected Vendors
Oracle
Affected Products
- Oracle VM VirtualBox 6.1.41
- Oracle VM VirtualBox 7.0.5
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.