How severe is CVE-2023-22043?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2023-22043?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-22043

MEDIUM Year: 2023

CVSS v3 Score

5.9

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in Oracle Java SE (component: JavaFX). The supported version that is affected is Oracle Java SE: 8u371. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).

CVE-2004-1464

MEDIUM

CVSS:5.9(Medium)

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

NVD-CWE-Other2004

CVE-2015-5370

MEDIUM

CVSS:5.9(Medium)

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a ...

NVD-CWE-Other2015

CVE-2015-7744

MEDIUM

CVSS:5.9(Medium)

wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations...

NVD-CWE-Other2015

CVE-2015-8158

MEDIUM

CVSS:5.9(Medium)

The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.

NVD-CWE-Other2015

CVE-2015-8288

MEDIUM

CVSS:5.9(Medium)

NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote atta...

NVD-CWE-Other2015

CVE-2016-0677

MEDIUM

CVSS:5.9(Medium)

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

NVD-CWE-Other2016

CVE-2023-22043

Vulnerability Description

Related Vulnerabilities

CVE-2004-1464

CVE-2015-5370

CVE-2015-7744

CVE-2015-8158

CVE-2015-8288

CVE-2016-0677