CVE-2021-2464

Опубликовано: 24 сент. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Vulnerability in Oracle Linux (component: OSwatcher). Supported versions that are affected are 7 and 8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Linux executes to compromise Oracle Linux. Successful attacks of this vulnerability can result in takeover of Oracle Linux. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Ссылки

https://linux.oracle.com/errata/ELSA-2021-9444.html
Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Vendor Advisory
https://linux.oracle.com/errata/ELSA-2021-9444.html
Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:oracle:engineered_systems_utilities:12.1.0.2:*:*:*:*:*:*:*

cpe:2.3:o:oracle:engineered_systems_utilities:19c:*:*:*:*:*:*:*

cpe:2.3:o:oracle:engineered_systems_utilities:21c:*:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:8:-:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00064

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-f24h-qh95-mf49

CVSS3: 7.8

github

больше 3 лет назад

ELSA-2021-9444

oracle-oval

больше 4 лет назад

ELSA-2021-9444: oswatcher security update (IMPORTANT)