VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-dgfd-yp1k-aaaa

Essentials
Severities (97)
References (28)
Severity details (11)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-dgfd-yp1k-aaaa
Aliases	CVE-2023-22067
Summary	Vulnerability in Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-502

Deserialization of Untrusted Data

System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22067.json
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00059	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00069	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00172	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00172	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00172	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00175	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
epss	0.00719	https://api.first.org/data/v1/epss?cve=CVE-2023-22067
cvssv3.1	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-22067
cvssv3.1	5.3	https://security.netapp.com/advisory/ntap-20231027-0006/
ssvc	Track	https://security.netapp.com/advisory/ntap-20231027-0006/
cvssv3.1	5.3	https://www.debian.org/security/2023/dsa-5537
ssvc	Track	https://www.debian.org/security/2023/dsa-5537
cvssv3.1	5.3	https://www.oracle.com/security-alerts/cpuoct2023.html
cvssv3.1	8.3	https://www.oracle.com/security-alerts/cpuoct2023.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpuoct2023.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuoct2023.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22067.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-22067
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://security.netapp.com/advisory/ntap-20231027-0006/
		https://www.debian.org/security/2023/dsa-5537
		https://www.oracle.com/security-alerts/cpuoct2023.html
2243637		https://bugzilla.redhat.com/show_bug.cgi?id=2243637
cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:::::::*
cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:::::::*
cpe:2.3:a:oracle:jdk:1.8.0:update381:::-:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update381:::-:::*
cpe:2.3:a:oracle:jdk:1.8.0:update381:::enterprise_performance_pack:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update381:::enterprise_performance_pack:::*
cpe:2.3:a:oracle:jre:1.8.0:update381:::-:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update381:::-:::*
cpe:2.3:a:oracle:jre:1.8.0:update381:::enterprise_performance_pack:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update381:::enterprise_performance_pack:::*
CVE-2023-22067		https://nvd.nist.gov/vuln/detail/CVE-2023-22067
GLSA-202412-07		https://security.gentoo.org/glsa/202412-07
RHSA-2023:5725		https://access.redhat.com/errata/RHSA-2023:5725
RHSA-2023:5726		https://access.redhat.com/errata/RHSA-2023:5726
RHSA-2023:5727		https://access.redhat.com/errata/RHSA-2023:5727
RHSA-2023:5728		https://access.redhat.com/errata/RHSA-2023:5728
RHSA-2023:5729		https://access.redhat.com/errata/RHSA-2023:5729
RHSA-2023:5730		https://access.redhat.com/errata/RHSA-2023:5730
RHSA-2023:5731		https://access.redhat.com/errata/RHSA-2023:5731
RHSA-2023:5732		https://access.redhat.com/errata/RHSA-2023:5732
RHSA-2023:5733		https://access.redhat.com/errata/RHSA-2023:5733
RHSA-2023:5761		https://access.redhat.com/errata/RHSA-2023:5761
RHSA-2024:0866		https://access.redhat.com/errata/RHSA-2024:0866
RHSA-2024:0879		https://access.redhat.com/errata/RHSA-2024:0879
USN-6528-1		https://usn.ubuntu.com/6528-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22067.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-22067

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://security.netapp.com/advisory/ntap-20231027-0006/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-12T15:07:56Z/ Found at https://security.netapp.com/advisory/ntap-20231027-0006/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.debian.org/security/2023/dsa-5537

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-12T15:07:56Z/ Found at https://www.debian.org/security/2023/dsa-5537

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuoct2023.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2023.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-12T15:07:56Z/ Found at https://www.oracle.com/security-alerts/cpuoct2023.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.26568
EPSS Score	0.00059
Published At	Dec. 17, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.