Vulnerability in Netapp Bluexp
CVE-2024-21145
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3…
EPSS: 0.009 (53.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.8 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N.
Affected products
- Netapp Bluexp
- Netapp Cloud_insights_storage_workload_security_agent
- Netapp Oncommand_insight
- Netapp Oncommand_workflow_automation
- Oracle Graalvm — versions 20.3.14, 21.3.10, 22.0.1
- Oracle Graalvm_for_jdk — versions 17.0.11, 21.0.3, 22.0.1
- Oracle Jdk — versions 1.8.0, 11.0.23, 17.0.11
- Oracle Jre — versions 1.8.0, 11.0.23, 17.0.11
- Oracle Corporation Java Se Jdk And Jre — versions Oracle Java SE:8u411, Oracle Java SE:8u411-perf, Oracle Java SE:11.0.23
Weakness classification (CWE)
References
- secalert_us@oracle.com (vendor-advisory, Vendor Advisory)
- secalert_us@oracle.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-21145?
- CVE-2024-21145 is a medium-severity vulnerability in Netapp Bluexp, classified under Improper Access Control. CVSS score: 4.8/10. Published 2024-07-16.
- How severe is CVE-2024-21145?
- Medium severity. CVSS v3 base score is 4.8 out of 10.