PT-2021-21047 · Oracle · Oracle Secure Global Desktop

Asaf Greenholts

Published

2021-10-20

Updated

2021-10-26

CVE-2021-35650

CVSS v2.0

4.9

Medium

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Oracle Secure Global Desktop version 5.6

Description: The issue allows a low-privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized read access to a subset of Oracle Secure Global Desktop accessible data and unauthorized ability to cause a partial denial of service of Oracle Secure Global Desktop.

Recommendations: For Oracle Secure Global Desktop version 5.6, update to a version that addresses this issue, as no specific workaround is provided.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-35650

Affected Products

Oracle Secure Global Desktop

PT-2021-21047 · Oracle · Oracle Secure Global Desktop

CVE-2021-35650

Related Identifiers

Affected Products

References · 3