CVE-2024-21140

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Jul 16, 2024
Updated: Aug 1, 2024
CWE ID 200

Summary

CVE-2024-21140 is a vulnerability affecting various versions of Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition. This issue, located in the Hotspot component, allows unauthenticated attackers with network access to compromise these products. Successful exploitation can result in unauthorized access to some data or unauthorized read access to a subset of the data. The vulnerability can be exploited through APIs and primarily affects Java deployments with untrusted code. The CVSS Base Score is 4.8, indicating low to moderate severity for both confidentiality and integrity impacts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share