PT-2024-29680 · Oracle · Java Platform
Published
2024-08-06
·
Updated
2024-08-14
·
CVE-2024-41995
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JavaTM Platform versions prior to 12.89
Description
The issue is related to the initialization of a resource with an insecure default, which may expose the product to known TLS 1.0 and TLS 1.1 vulnerabilities if exploited. The specific products, models, and versions of MFPs and printers that contain JavaTM Platform should be checked with the vendor for more information.
Recommendations
For JavaTM Platform versions prior to 12.89, patch immediately and review TLS configurations to mitigate the risk of sensitive data exposure.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Java Platform