VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-uhzf-hpjc-afhv

Essentials
Severities (15)
References (44)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-uhzf-hpjc-afhv
Aliases	CVE-2023-22081
Summary	OpenJDK: certificate path validation issue during client authentication (8309966)
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-295

Improper Certificate Validation

System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json
epss	0.00098	https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss	0.00098	https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss	0.00098	https://api.first.org/data/v1/epss?cve=CVE-2023-22081
cvssv3.1	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	5.3	https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html
cvssv3.1	5.3	https://security.netapp.com/advisory/ntap-20231027-0006/
ssvc	Track	https://security.netapp.com/advisory/ntap-20231027-0006/
cvssv3.1	5.3	https://www.debian.org/security/2023/dsa-5537
ssvc	Track	https://www.debian.org/security/2023/dsa-5537
cvssv3.1	5.3	https://www.debian.org/security/2023/dsa-5548
ssvc	Track	https://www.debian.org/security/2023/dsa-5548
cvssv3.1	5.3	https://www.oracle.com/security-alerts/cpuoct2023.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuoct2023.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-22081
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2243627		https://bugzilla.redhat.com/show_bug.cgi?id=2243627
dsa-5537		https://www.debian.org/security/2023/dsa-5537
dsa-5548		https://www.debian.org/security/2023/dsa-5548
GLSA-202412-07		https://security.gentoo.org/glsa/202412-07
msg00041.html		https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html
ntap-20231027-0006		https://security.netapp.com/advisory/ntap-20231027-0006/
RHSA-2023:5725		https://access.redhat.com/errata/RHSA-2023:5725
RHSA-2023:5726		https://access.redhat.com/errata/RHSA-2023:5726
RHSA-2023:5727		https://access.redhat.com/errata/RHSA-2023:5727
RHSA-2023:5728		https://access.redhat.com/errata/RHSA-2023:5728
RHSA-2023:5729		https://access.redhat.com/errata/RHSA-2023:5729
RHSA-2023:5730		https://access.redhat.com/errata/RHSA-2023:5730
RHSA-2023:5731		https://access.redhat.com/errata/RHSA-2023:5731
RHSA-2023:5732		https://access.redhat.com/errata/RHSA-2023:5732
RHSA-2023:5733		https://access.redhat.com/errata/RHSA-2023:5733
RHSA-2023:5734		https://access.redhat.com/errata/RHSA-2023:5734
RHSA-2023:5735		https://access.redhat.com/errata/RHSA-2023:5735
RHSA-2023:5736		https://access.redhat.com/errata/RHSA-2023:5736
RHSA-2023:5737		https://access.redhat.com/errata/RHSA-2023:5737
RHSA-2023:5739		https://access.redhat.com/errata/RHSA-2023:5739
RHSA-2023:5740		https://access.redhat.com/errata/RHSA-2023:5740
RHSA-2023:5741		https://access.redhat.com/errata/RHSA-2023:5741
RHSA-2023:5742		https://access.redhat.com/errata/RHSA-2023:5742
RHSA-2023:5743		https://access.redhat.com/errata/RHSA-2023:5743
RHSA-2023:5744		https://access.redhat.com/errata/RHSA-2023:5744
RHSA-2023:5745		https://access.redhat.com/errata/RHSA-2023:5745
RHSA-2023:5746		https://access.redhat.com/errata/RHSA-2023:5746
RHSA-2023:5747		https://access.redhat.com/errata/RHSA-2023:5747
RHSA-2023:5750		https://access.redhat.com/errata/RHSA-2023:5750
RHSA-2023:5751		https://access.redhat.com/errata/RHSA-2023:5751
RHSA-2023:5752		https://access.redhat.com/errata/RHSA-2023:5752
RHSA-2023:5753		https://access.redhat.com/errata/RHSA-2023:5753
RHSA-2023:5761		https://access.redhat.com/errata/RHSA-2023:5761
RHSA-2023:6738		https://access.redhat.com/errata/RHSA-2023:6738
RHSA-2023:6887		https://access.redhat.com/errata/RHSA-2023:6887
RHSA-2024:0866		https://access.redhat.com/errata/RHSA-2024:0866
RHSA-2024:0879		https://access.redhat.com/errata/RHSA-2024:0879
USN-6527-1		https://usn.ubuntu.com/6527-1/
USN-6528-1		https://usn.ubuntu.com/6528-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/ Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://security.netapp.com/advisory/ntap-20231027-0006/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/ Found at https://security.netapp.com/advisory/ntap-20231027-0006/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://www.debian.org/security/2023/dsa-5537

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/ Found at https://www.debian.org/security/2023/dsa-5537

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://www.debian.org/security/2023/dsa-5548

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/ Found at https://www.debian.org/security/2023/dsa-5548

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://www.oracle.com/security-alerts/cpuoct2023.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/ Found at https://www.oracle.com/security-alerts/cpuoct2023.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.26843
EPSS Score	0.00098
Published At	June 4, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T17:01:08.269816+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json	38.6.0