CVE-2019-2862

Name of the Vulnerable Software and Affected Versions Oracle GraalVM Enterprise Edition version 19.0.0

Description The issue is related to insufficient access control in the Java component of Oracle GraalVM Enterprise Edition. It can be exploited by a remote attacker to cause a denial of service or impact the integrity of protected information. The vulnerability is difficult to exploit and requires human interaction from someone other than the attacker. Successful attacks can result in unauthorized access to critical data, including creation, deletion, or modification, as well as the ability to cause the system to hang or crash repeatedly.

Recommendations For Oracle GraalVM Enterprise Edition version 19.0.0, consider applying security patches or updates to resolve the issue. As a temporary workaround, restrict access to the Java component to minimize the risk of exploitation. Additionally, limit network access via multiple protocols to reduce the attack surface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.