CVE-2023-21835 / CVE-2023-21843: Unterschied zwischen den Versionen
(-> Englisch) |
|||
| Zeile 1: | Zeile 1: | ||
| − | = | + | = Source = |
https://nvd.nist.gov/vuln/detail/CVE-2023-21835<br> | https://nvd.nist.gov/vuln/detail/CVE-2023-21835<br> | ||
https://nvd.nist.gov/vuln/detail/CVE-2023-21843 | https://nvd.nist.gov/vuln/detail/CVE-2023-21843 | ||
| − | = | + | = Description of this CVE = |
"This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)." | "This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)." | ||
| − | = | + | = Affected Applications = |
| − | '' | + | ''affected version = From which version onwards there is a need for action.''<br> |
| − | '' | + | ''fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.''<br> |
| − | '' | + | ''not affected = This application is not affected and therefore there is no need for action.<br> |
| − | '' | + | ''all versions = Every single version is affected. A need for action is required regardless of the version'' |
| + | |||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| − | ! | + | ! Application Name !! Affected Version !! Fixed Version |
|- | |- | ||
| CarrierAPI || 2.0 || 3.0.48 | | CarrierAPI || 2.0 || 3.0.48 | ||
Aktuelle Version vom 27. September 2023, 11:07 Uhr
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-21835
https://nvd.nist.gov/vuln/detail/CVE-2023-21843
Description of this CVE
"This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)."
Affected Applications
affected version = From which version onwards there is a need for action.
fixed version = Minimum version where the security vulnerability is fixed or not affected anymore.
not affected = This application is not affected and therefore there is no need for action.
all versions = Every single version is affected. A need for action is required regardless of the version
| Application Name | Affected Version | Fixed Version |
|---|---|---|
| CarrierAPI | 2.0 | 3.0.48 |
| ComManager | not affected | not affected |
| DataGatewayServer V3 (DGS V3) alle Versionen 2.x.x sind ausgeschlossen |
3.8.13 | 3.8.14 |
| FileConverter | not affected | not affected |
| FileMoveService | not affected | not affected |
| GLSBoxService | not affected | not affected |
| HFMS (Tarifwerk) | 1.0 | 1.8.11 |
| HVS32AMAService | 1.3.4 | 1.3.5 |
| HVS32DBArchivierung | 1.0 | 4.6.6 |
| HVS32MonitoringService | 1.4.9 | 1.4.10 |
| HVS32MonitoringServiceLight | not affected | not affected |
| IRIS | 1.0 | 1.0.9 |
| Leitcode | not affected | not affected |
| ScaleService | not affected | not affected |
| SEM-Manager | 1.0 | 1.5.7 |
| SEM-Web | 1.0 | 1.5.7 |
| Verladefreigabe | 1.0 | 2.2.3 |
| WatchLog | not affected | not affected |