Threat Encyclopedia



This indicates an attack attempt to exploit a Security Bypass vulnerability in Oracle Java SE.
Incorrect certificate signature checks in Java SE allows an attacker to impersonate as the real server in a SSL protected communication. An attacker could impersonate as a legitimate server with a specially crafted certificate. This can result in a MITM attack.

affected-products-logoAffected Products

Oracle Java SE 17.0.2 and 18
Oracle GraalVM Enterprise Edition 21.3.1 and

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References


Telemetry logoTelemetry