← back
CVE-2021-2248

CVE-2021-2248

CVSS 10 CRITICALEPSS 2.5%
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 10EPSS 2.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Apr 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. While the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Oracle Corporation · Secure Global Desktop

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.oracle.com/security-alerts/cpuapr2021.html