Rewterz Threat Advisory – Multiple Oracle VM VirtualBox Vulnerabilities

Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability

January 23, 2023

Rewterz Threat Advisory – Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities

January 23, 2023

Rewterz Threat Advisory – Multiple Oracle VM VirtualBox Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-21885 CVSS:3.8

An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.

CVE-2023-21899 CVSS:5.5

An unspecified vulnerability in Oracle VM VirtualBox related to the Core component could allow a local authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.

Impact

Denial of Service
Information Disclosure

Indicators Of Compromise

CVE

CVE-2023-21885
CVE-2023-21899

Affected Vendors

Oracle

Affected Products

Oracle VM VirtualBox 6.1.41
Oracle VM VirtualBox 7.0.5

Remediation

Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.

Oracle Critical Patch Update Advisory

Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability

Rewterz Threat Advisory – Multiple Oracle PeopleSoft Enterprise PeopleTools Vulnerabilities

Rewterz Threat Advisory – Multiple Oracle VM VirtualBox Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan