CVE-2023-21835 / CVE-2023-21843: Unterschied zwischen den Versionen

Aus Wiki - Heidler Strichcode GmbH
Zur Navigation springen Zur Suche springen
(Die Seite wurde neu angelegt: „= Quelle = https://nvd.nist.gov/vuln/detail/CVE-2023-21835<br> https://nvd.nist.gov/vuln/detail/CVE-2023-21843 = Beschreibung vom CVE = = Betroffene Applikat…“)
 
(-> Englisch)
 
(4 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
= Quelle =
+
= Source =
 
https://nvd.nist.gov/vuln/detail/CVE-2023-21835<br>
 
https://nvd.nist.gov/vuln/detail/CVE-2023-21835<br>
 
https://nvd.nist.gov/vuln/detail/CVE-2023-21843
 
https://nvd.nist.gov/vuln/detail/CVE-2023-21843
  
= Beschreibung vom CVE =
+
= Description of this CVE =
 +
"This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)."
 +
 
 +
= Affected Applications =
 +
''affected version = From which version onwards there is a need for action.''<br>
 +
''fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.''<br>
 +
''not affected = This application is not affected and therefore there is no need for action.<br>
 +
''all versions = Every single version is affected. A need for action is required regardless of the version''
  
= Betroffene Applikationen =
 
''application name = Name der Applikation.''<br>
 
''affected version = Für welche Versionssände Handlungsbedarf besteht.''<br>
 
''fixed version = Mindestversionsstand, in welcher die Sicherheitslücke behoben / nicht betroffen ist.''<br><br>
 
''not affected = Diese Applikation ist von der Sicherheitslücke nicht betroffen. Es besteht kein Handlungsbedarf.''<br><br>
 
 
{| class="wikitable"
 
{| class="wikitable"
 
|-
 
|-
! application name !! affected version !! fixed version
+
! Application Name !! Affected Version !! Fixed Version
 
|-
 
|-
| CarrierAPI || - || 3.0.48
+
| CarrierAPI || 2.0 || 3.0.48
 
|-
 
|-
 
| ComManager || not affected || not affected
 
| ComManager || not affected || not affected
Zeile 26: Zeile 28:
 
| GLSBoxService || not affected || not affected
 
| GLSBoxService || not affected || not affected
 
|-
 
|-
| HFMS (Tarifwerk) || - || 1.8.11
+
| HFMS (Tarifwerk) || 1.0 || 1.8.11
 
|-
 
|-
 
| HVS32AMAService || 1.3.4 || 1.3.5
 
| HVS32AMAService || 1.3.4 || 1.3.5
 
|-
 
|-
| HVS32DBArchivierung || - || 4.6.6
+
| HVS32DBArchivierung || 1.0 || 4.6.6
 
|-
 
|-
 
| HVS32MonitoringService || 1.4.9 || 1.4.10
 
| HVS32MonitoringService || 1.4.9 || 1.4.10
Zeile 36: Zeile 38:
 
| HVS32MonitoringServiceLight || not affected || not affected
 
| HVS32MonitoringServiceLight || not affected || not affected
 
|-
 
|-
| IRIS || - || 1.0.9
+
| IRIS || 1.0 || 1.0.9
 
|-
 
|-
 
| Leitcode || not affected || not affected
 
| Leitcode || not affected || not affected
Zeile 42: Zeile 44:
 
| ScaleService || not affected || not affected
 
| ScaleService || not affected || not affected
 
|-
 
|-
| SEM-Manager || - || -
+
| SEM-Manager || 1.0 || 1.5.7
 
|-
 
|-
| SEM-Web || - || -
+
| SEM-Web || 1.0 || 1.5.7
 
|-
 
|-
| Verladefreigabe || - || 2.2.3
+
| Verladefreigabe || 1.0 || 2.2.3
 
|-
 
|-
 
| WatchLog || not affected || not affected
 
| WatchLog || not affected || not affected
 
|}
 
|}

Aktuelle Version vom 27. September 2023, 11:07 Uhr

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-21835
https://nvd.nist.gov/vuln/detail/CVE-2023-21843

Description of this CVE

"This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)."

Affected Applications

affected version = From which version onwards there is a need for action.
fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.
not affected = This application is not affected and therefore there is no need for action.
 all versions = Every single version is affected. A need for action is required regardless of the version

Application Name Affected Version Fixed Version
CarrierAPI 2.0 3.0.48
ComManager not affected not affected
DataGatewayServer V3 (DGS V3)
alle Versionen 2.x.x sind ausgeschlossen		 3.8.13 3.8.14
FileConverter not affected not affected
FileMoveService not affected not affected
GLSBoxService not affected not affected
HFMS (Tarifwerk) 1.0 1.8.11
HVS32AMAService 1.3.4 1.3.5
HVS32DBArchivierung 1.0 4.6.6
HVS32MonitoringService 1.4.9 1.4.10
HVS32MonitoringServiceLight not affected not affected
IRIS 1.0 1.0.9
Leitcode not affected not affected
ScaleService not affected not affected
SEM-Manager 1.0 1.5.7
SEM-Web 1.0 1.5.7
Verladefreigabe 1.0 2.2.3
WatchLog not affected not affected
Abgerufen von „https://wiki.heidler-strichcode.de/w/index.php?title=CVE-2023-21835_/_CVE-2023-21843&oldid=5309