The vulnerability of the Libraries component in Oracle Java SE software platforms allows a perpetrator to trigger a service failure.

🗓️ 03 Feb 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

Oracle Java SE Libraries lack access control, enabling an attacker to cause service interruptions.

Reporter	Title	Published	Views	Family All 404
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590	30 May 202019:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Z Development and Test Environment - April 2020	27 Oct 202013:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654	5 Aug 202006:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Kenexa LMS On Premise - CVE-2020-2654 (deferred from Oracle Jan 2020 CPU)	30 Jun 202014:14	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-2654 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	31 Aug 202007:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud	16 Jun 202013:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2020-2654)	22 Jul 202006:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java SDK affect IBM Cloud Manager with OpenStack (CVE-2020-2654)	31 Aug 202013:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654	5 Jun 202015:42	–	ibm

Vulners

Node

oracle openjdkMatch1.7.0

novell suse_openstack_cloudMatch7

novell suse_linux_enterprise_module_for_basesystemMatch15

novell suse_linux_enterprise_module_for_additional_packagehubMatch15

novell suse_enterprise_storageMatch5

novell suse_linux_enterprise_module_for_legacy_softwareMatch15

novell suse_openstack_cloudMatch8

novell suse_openstack_cloud_crowbarMatch8

novell hpe_helion_openstackMatch8

oracle openjdkMatch1.8.0

oracle java_seMatch7u241

oracle java_seMatch8u231

oracle java_seMatch11.0.5

oracle java_seMatch13.0.1

oracle openjdkMatch11.0.5

oracle openjdkMatch13.0.1

novell suse_linux_enterprise_high_performance_computingMatch15-espos

novell suse_linux_enterprise_high_performance_computingMatch15-ltss

red_hat red_hat_enterprise_linuxMatch6

red_hat red_hat_enterprise_linuxMatch7

red_hat red_hat_enterprise_linuxMatch8

novell opensuse_leapMatch15.1

novell suse_linux_enterprise_server_for_sap_applicationsMatch15

novell suse_linux_enterprise_serverMatch15-ltss

Source	Link
oracle	www.oracle.com/security-alerts/public-vuln-to-advisory-mapping.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-2654
security-tracker	www.security-tracker.debian.org/tracker/CVE-2020-2654
access	www.access.redhat.com/security/cve/CVE-2020-2654
suse	www.suse.com/security/cve/CVE-2020-2654/
strelets	www.strelets.net/patchi-i-obnovleniya-bezopasnosti
web	www.web.nvd.nist.gov/view/vuln/detail

21 Nov 2023 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 33.7

CVSS 24.3

EPSS0.03299