CVE-2023-21835 / CVE-2023-21843
Quelle
https://nvd.nist.gov/vuln/detail/CVE-2023-21835
https://nvd.nist.gov/vuln/detail/CVE-2023-21843
Beschreibung vom CVE
"This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator)."
Betroffene Applikationen
application name = Name der Applikation.
affected version = Für welche Versionssände Handlungsbedarf besteht.
fixed version = Mindestversionsstand, in welcher die Sicherheitslücke behoben / nicht betroffen ist.
not affected = Diese Applikation ist von der Sicherheitslücke nicht betroffen. Es besteht kein Handlungsbedarf.
application name | affected version | fixed version |
---|---|---|
CarrierAPI | 2.0 | 3.0.48 |
ComManager | not affected | not affected |
DataGatewayServer V3 (DGS V3) alle Versionen 2.x.x sind ausgeschlossen |
3.8.13 | 3.8.14 |
FileConverter | not affected | not affected |
FileMoveService | not affected | not affected |
GLSBoxService | not affected | not affected |
HFMS (Tarifwerk) | 1.0 | 1.8.11 |
HVS32AMAService | 1.3.4 | 1.3.5 |
HVS32DBArchivierung | 1.0 | 4.6.6 |
HVS32MonitoringService | 1.4.9 | 1.4.10 |
HVS32MonitoringServiceLight | not affected | not affected |
IRIS | 1.0 | 1.0.9 |
Leitcode | not affected | not affected |
ScaleService | not affected | not affected |
SEM-Manager | 1.0 | 1.5.7 |
SEM-Web | - | 1.5.7 |
Verladefreigabe | 1.0 | 2.2.3 |
WatchLog | not affected | not affected |