SA-2023-100 – TLS handshake vulnerability in Java client (CVE-2023-21930)

Extreme Networks Security Advisory

Some Oracle Java SE, Oracle GraalVM Enterprise Edition, OpenJDK, and Corretto versions are vulnerable to attacks via certain TLS handshakes. The vulnerability affects Java client deployments running sandboxed Java Web Start applications or applets. This vulnerability can result in unauthorized access to critical data or complete access to all accessible data.