by using the XML parsing functionality. The vulnerability can be exploited through the application. An attacker requires access to the target system. Threats can come from remote users or from users with access to the targeted system. Access privileges can be exploited. By default, this component runs with the lowest possible access level and users may be denied access to this component. An unprivileged user can create a malicious Java application and exploit the vulnerability.  Multiple Vendors: Currently, Oracle and GraalVM are the only vendors that address this vulnerability. Workarounds There are no workarounds at this time. However, you can protect against certain attacks by using firewalling and Intrusion Detection/Prevention System (IDS/IPS) or Application Control System (ACS) and Application Inspection System (AIS) if your application is sandboxed. You can also restrict access to the XML parsing API to a trusted set of hosts or subnets. For example, you can do this by using ACLs, authentication, authorization, and/or access control lists. Summary Although Java vulnerabilities are actively being exploited, there are mitigations that can be applied to help protect your organization.

Stay Vigilant and Keep Your Software Up-to-Date

Java vulnerabilities are actively being exploited, and the Oracle JVM is a popular target. This vulnerability can be exploited through the application. An attacker requires access to the target system. Threats can come from remote users or from users with access to the targeted system. Access privileges can be exploited. By default, this component runs with the lowest possible access level and users may be denied access to this component. An unprivileged user can create a malicious Java application and exploit the vulnerability.

Oracle Java Vulnerability Management Program

Oracle offers a comprehensive vulnerability management program that provides a coordinated approach to managing vulnerabilities in Oracle Java and associated products. The program includes security patch updates, vulnerability assessments, compliance checks, and information gathering.

Java Web Applications

A vulnerability in Oracle Java SE Development Kit 8u192 and GraalVM can allow an attacker to bypass authentication and perform arbitrary operations through the XML parsing API. Threats can come from remote users or from users with access to the targeted system. Access privileges can be exploited. By default, this component runs with the lowest possible access level and users may be denied access to this component. An attacker could create a malicious Java application and exploit the vulnerability.
Multiple Vendors: Currently, Oracle and GraalVM are the only vendors that address this vulnerability. Workarounds There are no workarounds at this time. However, you can protect against certain attacks by using firewalling and Intrusion Detection/Prevention System (IDS/IPS) or Application Control System (ACS) and Application Inspection System (AIS) if your application is sandboxed. You can also restrict access to the XML parsing API to a trusted set of hosts or subnets. For example, you can do this by using ACLs, authentication, authorization, and/or access control lists.
Summary Although Java vulnerabilities are actively being exploited, there are mitigations that can be applied to help protect your organization.

Timeline

Published on: 01/19/2022 12:15:00 UTC
Last modified on: 05/13/2022 14:59:00 UTC

References