How severe is CVE-2023-21999?

This vulnerability has a severity rating of LOW with a CVSS score of 3.6 out of 10.

What type of vulnerability is CVE-2023-21999?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2023-21999 - LOW Severity | CVSS 3.6

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).

Related Vulnerabilities

CVE-2019-2961

LOW

CVSS:3.6(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF services & legacy daemons). The supported version that is affected is 11. Difficult to exploit vulnerability allows low pr...

NVD-CWE-Other2019

CVE-2020-4008

LOW

CVSS:3.6(Low)

The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS senso...

NVD-CWE-Other2020

CVE-2023-23543

LOW

CVSS:3.6(Low)

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4....

NVD-CWE-Other2023

CVE-2024-2918

LOW

CVSS:3.6(Low)

Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to forge the displayed group in the PA...

NVD-CWE-Other2024

CVE-2005-4780

LOW

CVSS:3.7(Low)

Cross-site scripting (XSS) vulnerability in Fidra Lighthouse CMS 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a query_string to the home...

NVD-CWE-Other2005

CVE-2016-0671

LOW

CVSS:3.7(Low)

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.

NVD-CWE-Other2016