CVE-2022-21340 in Java SEinfo

Summary

by MITRE • 01/19/2022

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 05/28/2026

This vulnerability resides within the Oracle Java SE and GraalVM Enterprise Edition libraries, specifically targeting the Java sandbox security model that protects against malicious code execution. The flaw affects multiple supported versions including Java SE 7u321, 8u311, 11.0.13, and 17.01, as well as GraalVM Enterprise Edition 20.3.4 and 21.3.0, making it a widespread concern across the Java ecosystem. The vulnerability operates through multiple network protocols and requires no authentication, making it particularly dangerous for environments where untrusted code execution is permitted. The CVSS score of 5.3 indicates a medium severity threat with availability impact, specifically allowing partial denial of service conditions that can disrupt system operations.

The technical nature of this vulnerability stems from weaknesses in how the Java runtime environment handles certain library operations within sandboxed applications. Attackers can exploit this flaw by leveraging APIs in the affected components or by crafting malicious code that targets the sandboxed execution environment. The vulnerability particularly impacts deployments where Java Web Start applications or applets are used, as these typically operate within restricted environments that rely on the Java sandbox for protection. When exploited, the vulnerability enables attackers to perform unauthorized actions that can compromise system availability, though it does not provide access to sensitive data or allow for privilege escalation.

The operational impact of this vulnerability extends beyond simple denial of service conditions, as it represents a fundamental weakness in the Java security model that can be leveraged across various attack vectors. Organizations running Java applications in sandboxed environments, particularly those that execute untrusted code from the internet, face significant risk from this vulnerability. The fact that it can be exploited through web services that supply data to the APIs makes it particularly concerning for web-facing applications. The vulnerability's ability to affect both Oracle Java SE and GraalVM Enterprise Edition components means that security teams must consider multiple product lines when implementing mitigation strategies, as the flaw exists across different Java runtime environments.

Mitigation efforts should prioritize immediate patching of affected versions, as Oracle has released updates addressing this vulnerability. Organizations should also implement network segmentation to limit access to Java applications and consider disabling unnecessary Java runtime features in web browsers. The vulnerability's classification under CWE (Common Weakness Enumeration) principles indicates it relates to improper handling of sandboxed code execution and potentially insufficient sandbox enforcement mechanisms. Security teams should monitor for exploitation attempts through network traffic analysis and implement intrusion detection systems that can identify suspicious API calls or network patterns consistent with this vulnerability's exploitation methods. Additionally, organizations should review their Java deployment practices to minimize exposure of sandboxed applications to untrusted code sources and consider migrating to more secure runtime environments where possible.

Responsible

Oracle

Reservation

11/15/2021

Disclosure

01/19/2022

Moderation

accepted

CPE

ready

EPSS

0.07748

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!