CVERadar

CVE-2023-22043

High Severity

Oracle

SVRS

56/100

CVSSv3

5.9/10

EPSS

0.00191/1

CVE-2023-22043 is a vulnerability in Oracle Java SE's JavaFX component that allows an unauthenticated attacker with network access to compromise the system. This JavaFX vulnerability affects version 8u371, potentially leading to unauthorized modification or deletion of critical data. With a CVSS score of 5.9, the risk is moderate; however, SOCRadar's Vulnerability Risk Score (SVRS) of 56 suggests careful monitoring. While not immediately critical, it's vital to patch since successful exploitation grants unauthorized access, particularly in client-side Java deployments running untrusted code. Ignoring this vulnerability could allow attackers to manipulate sensitive data, impacting the integrity of applications relying on the Java sandbox. The presence of "In The Wild" tag means that attacks exploiting this vulnerability are being actively observed.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

Java News Roundup: Grails 6.0, PrimeFaces 13.0, JUnit 5.10, GraalVM, TornadoVM, New JEP Drafts - InfoQ.com

2023-07-31

Java News Roundup: Grails 6.0, PrimeFaces 13.0, JUnit 5.10, GraalVM, TornadoVM, New JEP Drafts - InfoQ.com | Description: This week's Java roundup for July 24th, 2023, features news from OpenJDK, JDK 22, JDK 21, GraalVM Community Components 23.0.1, Spring Cloud 2022.0.4, Spring Security and Spring Shell point releases, Grails 6.0, TornadoVM 0.15.2, Liberica NIK 23.0.1, PrimeFaces 13.0, Quarkus 3.2.2, Hibernate Reactive 2.0.4, Micronaut 4.0.2, JBang 0.110, JHipster Lite 0.39, JUnit 5.10 and Gradle 8.3-RC2. | News Content: This week's Java roundup for July 24th, 2023, features news from OpenJDK, JDK 22, JDK 21, GraalVM Community Components 23.0.1, Spring Cloud 2022.0.4

google.com

rss

forum

news

Social Media

No tweets found for this CVE

Affected Software

Configuration 1

Type	Vendor	Product
App	Oracle	jre
App	Oracle	jdk

References

Reference	Link
MISC	https://www.oracle.com/security-alerts/cpujul2023.html
MISC	https://www.oracle.com/security-alerts/cpujul2023.html
MISC	https://security.netapp.com/advisory/ntap-20230725-0006/
ORACLE ADVISORY	https://www.oracle.com/security-alerts/cpujul2023.html

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence