CVE-2023-22043

Name of the Vulnerable Software and Affected Versions Oracle Java SE version 8u371

Description The issue is related to a vulnerability in the JavaFX component of Oracle Java SE, allowing an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all Oracle Java SE accessible data. This vulnerability applies to Java deployments that load and run untrusted code, such as sandboxed Java Web Start applications or sandboxed Java applets, and rely on the Java sandbox for security.

Recommendations For Oracle Java SE version 8u371, consider disabling the JavaFX component until a patch is available. Restrict access to untrusted code, such as code from the internet, to minimize the risk of exploitation. Avoid using sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code until the issue is resolved.