Oracle VM VirtualBox à 6.1.19 Core divulgation de l'information

Une vulnérabilité qui a été classée critique a été trouvée dans Oracle VM VirtualBox à 6.1.19 (Virtualization Software). Ceci affecte une fonction inconnue du composant Core. Mettre à jour élimine cette vulnérabilité. Une solution envisageable a été publiée immédiatement après la publication de la vulnérabilité.

Domaine27/04/2021 08:4727/04/2021 08:4829/04/2021 07:30
vendorOracleOracleOracle
nameVM VirtualBoxVM VirtualBoxVM VirtualBox
cveCVE-2021-2283CVE-2021-2283CVE-2021-2283
componentCoreCoreCore
cwe200 (divulgation de l'information)200 (divulgation de l'information)200 (divulgation de l'information)
risk222
cvss3_vuldb_avLLL
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sCCC
cvss3_vuldb_cHHH
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
version<=6.1.19<=6.1.19<=6.1.19
urlhttps://www.oracle.com/security-alerts/cpuapr2021.htmlhttps://www.oracle.com/security-alerts/cpuapr2021.htmlhttps://www.oracle.com/security-alerts/cpuapr2021.html
date1618956000 (21/04/2021)1618956000 (21/04/2021)1618956000 (21/04/2021)
date1618956000 (21/04/2021)1618956000 (21/04/2021)1618956000 (21/04/2021)
identifierOracle Critical Patch Update Advisory - April 2021Oracle Critical Patch Update Advisory - April 2021Oracle Critical Patch Update Advisory - April 2021
nameUpgradeUpgradeUpgrade
typeVirtualization SoftwareVirtualization SoftwareVirtualization Software
cvss2_vuldb_avLLL
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore4.34.34.3
cvss3_vuldb_basescore7.17.17.1
cvss3_vuldb_tempscore6.86.86.8
cvss3_meta_basescore7.17.17.1
cvss3_meta_tempscore6.86.86.8
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1607468400 (09/12/2020)1607468400 (09/12/2020)1607468400 (09/12/2020)
cve_nvd_summaryVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).
cve_cnaOracleOracle
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
cvss2_nvd_basescore2.1

Might our Artificial Intelligence support you?

Check our Alexa App!