CVE-2023-21930
First published: Mon Apr 17 2023(Updated: )
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/openjdk-11 | <=11.0.16+8-1~deb10u1 | 11.0.21+9-1~deb10u1 11.0.20+8-1~deb11u1 11.0.21+9-1~deb11u1 11.0.22~6ea-1 |
| debian/openjdk-17 | 17.0.7+7-1~deb11u1 17.0.9+9-1~deb11u1 17.0.9+9-1~deb12u1 17.0.10~6ea-1 | |
| debian/openjdk-20 | 20.0.2+9-1 | |
| debian/openjdk-8 | 8u392-ga-1 | |
| IBM Cognos Controller | <=11.0.0 - 11.0.1 | |
| Oracle GraalVM Enterprise Edition | =20.3.9 | |
| Oracle GraalVM Enterprise Edition | =21.3.5 | |
| Oracle GraalVM Enterprise Edition | =22.3.1 | |
| Oracle JDK 6 | =1.8.0-update361 | |
| Oracle JDK 6 | =11.0.18 | |
| Oracle JDK 6 | =17.0.6 | |
| Oracle JDK 6 | =20 | |
| Oracle Java Runtime Environment (JRE) | =1.8.0-update361 | |
| Oracle Java Runtime Environment (JRE) | =11.0.18 | |
| Oracle Java Runtime Environment (JRE) | =17.0.6 | |
| Oracle Java Runtime Environment (JRE) | =20 | |
| NetApp 7-Mode Transition Tool | ||
| Brocade SANnav | ||
| netapp cloud insights acquisition unit | ||
| NetApp Cloud Insights Storage Workload Security Agent | ||
| NetApp OnCommand Insight | ||
| Debian | =10.0 | |
| Debian | =11.0 | |
| Debian | =12.0 | |
| OpenJDK 17 | <8 | |
| OpenJDK 17 | >=11<=11.0.18 | |
| OpenJDK 17 | >=17<=17.0.6 | |
| OpenJDK 17 | =8 | |
| OpenJDK 17 | =8-milestone1 | |
| OpenJDK 17 | =8-milestone2 | |
| OpenJDK 17 | =8-milestone3 | |
| OpenJDK 17 | =8-milestone4 | |
| OpenJDK 17 | =8-milestone5 | |
| OpenJDK 17 | =8-milestone6 | |
| OpenJDK 17 | =8-milestone7 | |
| OpenJDK 17 | =8-milestone8 | |
| OpenJDK 17 | =8-milestone9 | |
| OpenJDK 17 | =8-update101 | |
| OpenJDK 17 | =8-update102 | |
| OpenJDK 17 | =8-update11 | |
| OpenJDK 17 | =8-update111 | |
| OpenJDK 17 | =8-update112 | |
| OpenJDK 17 | =8-update121 | |
| OpenJDK 17 | =8-update131 | |
| OpenJDK 17 | =8-update141 | |
| OpenJDK 17 | =8-update151 | |
| OpenJDK 17 | =8-update152 | |
| OpenJDK 17 | =8-update161 | |
| OpenJDK 17 | =8-update162 | |
| OpenJDK 17 | =8-update171 | |
| OpenJDK 17 | =8-update172 | |
| OpenJDK 17 | =8-update181 | |
| OpenJDK 17 | =8-update191 | |
| OpenJDK 17 | =8-update192 | |
| OpenJDK 17 | =8-update20 | |
| OpenJDK 17 | =8-update201 | |
| OpenJDK 17 | =8-update202 | |
| OpenJDK 17 | =8-update211 | |
| OpenJDK 17 | =8-update212 | |
| OpenJDK 17 | =8-update221 | |
| OpenJDK 17 | =8-update222 | |
| OpenJDK 17 | =8-update231 | |
| OpenJDK 17 | =8-update232 | |
| OpenJDK 17 | =8-update241 | |
| OpenJDK 17 | =8-update242 | |
| OpenJDK 17 | =8-update25 | |
| OpenJDK 17 | =8-update252 | |
| OpenJDK 17 | =8-update262 | |
| OpenJDK 17 | =8-update271 | |
| OpenJDK 17 | =8-update281 | |
| OpenJDK 17 | =8-update282 | |
| OpenJDK 17 | =8-update291 | |
| OpenJDK 17 | =8-update301 | |
| OpenJDK 17 | =8-update302 | |
| OpenJDK 17 | =8-update31 | |
| OpenJDK 17 | =8-update312 | |
| OpenJDK 17 | =8-update322 | |
| OpenJDK 17 | =8-update332 | |
| OpenJDK 17 | =8-update342 | |
| OpenJDK 17 | =8-update352 | |
| OpenJDK 17 | =8-update362 | |
| OpenJDK 17 | =8-update40 | |
| OpenJDK 17 | =8-update45 | |
| OpenJDK 17 | =8-update5 | |
| OpenJDK 17 | =8-update51 | |
| OpenJDK 17 | =8-update60 | |
| OpenJDK 17 | =8-update65 | |
| OpenJDK 17 | =8-update66 | |
| OpenJDK 17 | =8-update71 | |
| OpenJDK 17 | =8-update72 | |
| OpenJDK 17 | =8-update73 | |
| OpenJDK 17 | =8-update74 | |
| OpenJDK 17 | =8-update77 | |
| OpenJDK 17 | =8-update91 | |
| OpenJDK 17 | =8-update92 | |
| OpenJDK 17 | =20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html
- https://security.netapp.com/advisory/ntap-20230427-0008/
- https://www.debian.org/security/2023/dsa-5430
- https://www.debian.org/security/2023/dsa-5478
- https://www.oracle.com/security-alerts/cpuapr2023.html
- https://security-tracker.debian.org/tracker/CVE-2023-21930
- https://github.com/openjdk/jdk8u/commit/301c9adce1711d9eb3f663bef07bbb045b907332
- https://github.com/openjdk/jdk11u/commit/432b9f03f6b3b3ed782b1fb388c5f8c850c66c07
- https://github.com/openjdk/jdk17u/commit/13a90694f8177d4b6289f524ff5f721dbc3da09d
- https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixJAVA
- https://www.oracle.com/java/technologies/javase/8u371-relnotes.html
- https://www.oracle.com/java/technologies/javase/11-0-19-relnotes.html
- https://www.oracle.com/java/technologies/javase/17-0-7-relnotes.html
- https://www.oracle.com/java/technologies/javase/20-0-1-relnotes.html
- https://access.redhat.com/errata/RHSA-2023:1875
- https://access.redhat.com/errata/RHSA-2023:1877
- https://access.redhat.com/errata/RHSA-2023:1878
- https://access.redhat.com/errata/RHSA-2023:1879
- https://access.redhat.com/errata/RHSA-2023:1880
- https://access.redhat.com/errata/RHSA-2023:1883
- https://access.redhat.com/errata/RHSA-2023:1882
- https://access.redhat.com/errata/RHSA-2023:1885
- https://access.redhat.com/errata/RHSA-2023:1884
- https://access.redhat.com/errata/RHSA-2023:1889
- https://access.redhat.com/errata/RHSA-2023:1890
- https://access.redhat.com/errata/RHSA-2023:1891
- https://access.redhat.com/errata/RHSA-2023:1892
- https://access.redhat.com/errata/RHSA-2023:1895
- https://access.redhat.com/errata/RHSA-2023:1898
- https://access.redhat.com/errata/RHSA-2023:1899
- https://access.redhat.com/errata/RHSA-2023:1900
- https://access.redhat.com/errata/RHSA-2023:1904
- https://access.redhat.com/errata/RHSA-2023:1911
- https://access.redhat.com/errata/RHSA-2023:1905
- https://access.redhat.com/errata/RHSA-2023:1906
- https://access.redhat.com/errata/RHSA-2023:1909
- https://access.redhat.com/errata/RHSA-2023:1908
- https://access.redhat.com/errata/RHSA-2023:1910
- https://access.redhat.com/errata/RHSA-2023:1907
- https://access.redhat.com/errata/RHSA-2023:1912
- https://access.redhat.com/errata/RHSA-2023:1903
- https://access.redhat.com/security/cve/cve-2023-21930
- https://access.redhat.com/errata/RHSA-2023:4103
- https://access.redhat.com/errata/RHSA-2023:4160
- https://bugzilla.redhat.com/show_bug.cgi?id=2187435
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://www.couchbase.com/alerts/
- https://www.ibm.com/support/pages/node/7177220 (Advisory)
Frequently Asked Questions
What is CVE-2023-21930?
CVE-2023-21930 is an unspecified vulnerability in Oracle Java SE Oracle GraalVM Enterprise Edition related to the JSSE component.
Which versions of Oracle Java SE and Oracle GraalVM Enterprise Edition are affected by CVE-2023-21930?
The affected versions of Oracle Java SE are 8u361, 8u361-perf, 11.0.18, 17.0.6, and 20. The affected versions of Oracle GraalVM Enterprise Edition are 20.3.9, 21.3.5, and 22.3.1.
How difficult is it to exploit CVE-2023-21930?
CVE-2023-21930 is categorized as difficult to exploit.
What is the severity of CVE-2023-21930?
CVE-2023-21930 has a severity keyword of 'high' and a severity value of 7.
Where can I find more information about CVE-2023-21930?
You can find more information about CVE-2023-21930 at the following references: [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com/vulnerabilities/253115), [IBM Support Page](https://www.ibm.com/support/pages/node/7029765), [GitHub Commit](https://github.com/openjdk/jdk8u/commit/301c9adce1711d9eb3f663bef07bbb045b907332)
- collector/security-tracker-debian
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-21930
- agent/remedy
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/references
- agent/severity
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- package-manager/debian
- vendor/ibm
- canonical/ibm cognos controller
- version/ibm cognos controller/11.0.0 - 11.0.1
- vendor/oracle
- canonical/oracle graalvm enterprise edition
- version/oracle graalvm enterprise edition/20.3.9
- version/oracle graalvm enterprise edition/21.3.5
- version/oracle graalvm enterprise edition/22.3.1
- canonical/oracle jdk 6
- version/oracle jdk 6/1.8.0-update361
- version/oracle jdk 6/11.0.18
- version/oracle jdk 6/17.0.6
- version/oracle jdk 6/20
- canonical/oracle java runtime environment (jre)
- version/oracle java runtime environment (jre)/1.8.0-update361
- version/oracle java runtime environment (jre)/11.0.18
- version/oracle java runtime environment (jre)/17.0.6
- version/oracle java runtime environment (jre)/20
- vendor/netapp
- canonical/netapp 7-mode transition tool
- canonical/brocade sannav
- canonical/netapp cloud insights acquisition unit
- canonical/netapp cloud insights storage workload security agent
- canonical/netapp oncommand insight
- vendor/debian
- canonical/debian
- version/debian/10.0
- version/debian/11.0
- version/debian/12.0
- canonical/openjdk 17
- version/openjdk 17/11
- version/openjdk 17/11.0.18
- version/openjdk 17/17
- version/openjdk 17/17.0.6
- version/openjdk 17/8
- version/openjdk 17/8-milestone1
- version/openjdk 17/8-milestone2
- version/openjdk 17/8-milestone3
- version/openjdk 17/8-milestone4
- version/openjdk 17/8-milestone5
- version/openjdk 17/8-milestone6
- version/openjdk 17/8-milestone7
- version/openjdk 17/8-milestone8
- version/openjdk 17/8-milestone9
- version/openjdk 17/8-update101
- version/openjdk 17/8-update102
- version/openjdk 17/8-update11
- version/openjdk 17/8-update111
- version/openjdk 17/8-update112
- version/openjdk 17/8-update121
- version/openjdk 17/8-update131
- version/openjdk 17/8-update141
- version/openjdk 17/8-update151
- version/openjdk 17/8-update152
- version/openjdk 17/8-update161
- version/openjdk 17/8-update162
- version/openjdk 17/8-update171
- version/openjdk 17/8-update172
- version/openjdk 17/8-update181
- version/openjdk 17/8-update191
- version/openjdk 17/8-update192
- version/openjdk 17/8-update20
- version/openjdk 17/8-update201
- version/openjdk 17/8-update202
- version/openjdk 17/8-update211
- version/openjdk 17/8-update212
- version/openjdk 17/8-update221
- version/openjdk 17/8-update222
- version/openjdk 17/8-update231
- version/openjdk 17/8-update232
- version/openjdk 17/8-update241
- version/openjdk 17/8-update242
- version/openjdk 17/8-update25
- version/openjdk 17/8-update252
- version/openjdk 17/8-update262
- version/openjdk 17/8-update271
- version/openjdk 17/8-update281
- version/openjdk 17/8-update282
- version/openjdk 17/8-update291
- version/openjdk 17/8-update301
- version/openjdk 17/8-update302
- version/openjdk 17/8-update31
- version/openjdk 17/8-update312
- version/openjdk 17/8-update322
- version/openjdk 17/8-update332
- version/openjdk 17/8-update342
- version/openjdk 17/8-update352
- version/openjdk 17/8-update362
- version/openjdk 17/8-update40
- version/openjdk 17/8-update45
- version/openjdk 17/8-update5
- version/openjdk 17/8-update51
- version/openjdk 17/8-update60
- version/openjdk 17/8-update65
- version/openjdk 17/8-update66
- version/openjdk 17/8-update71
- version/openjdk 17/8-update72
- version/openjdk 17/8-update73
- version/openjdk 17/8-update74
- version/openjdk 17/8-update77
- version/openjdk 17/8-update91
- version/openjdk 17/8-update92
- version/openjdk 17/20