CVE-2020-2590

🗓️ 15 Jan 2020 16:34:02Reported by oracleType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 400 Views

Vulnerability in Java SE & Java SE Embedded of Oracle Java SE, allowing unauthorized data access

Reporter	Title	Published	Views	Family All 320
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590	30 May 202019:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oracle Jul 2020 CPU plus one additional vulnerability and Oracle deferred from Jan 2020	13 Feb 202100:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 -CVE-2020-2590 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time	21 Aug 202009:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM® Java SDK July 2020 CPU plus CVE-2020-2590 and CVE-2020-2601 have been identified in Jazz Team Server shipped with Jazz Reporting Service	25 Sep 202019:32	–	ibm
IBM Security Bulletins	Security Bulletin: a security vulnerability has been identified in Oracle Java shipped with IBM® Intelligent Operations Center (CVE-2020-2590)	11 Feb 202115:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i - July 2020.	10 Feb 202116:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® JDK, Java™ Technology Edition may affect IBM Cloud Manager with OpenStack	14 Oct 202003:50	–	ibm
IBM Security Bulletins	Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition	5 Jan 202106:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio July 2020 CPU plus deferred CVE-2019-2590 and CVE-2020-2601	13 Aug 202011:26	–	ibm

NVD

Vulners

Node

oracle jdkMatch1.7.0update241

oracle jdkMatch1.8.0update231

oracle jdkMatch11.0.5

oracle jdkMatch13.0.1

oracle jreMatch1.7.0update_241

oracle jreMatch1.8.0update_231

oracle jreMatch11.0.5

oracle jreMatch13.0.1

Node

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_eusMatch7.7

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_tusMatch7.7

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Node

oracle openjdkMatch7-

oracle openjdkMatch7update241

oracle openjdkMatch7update80

oracle openjdkMatch7update85

oracle openjdkMatch8-

oracle openjdkMatch8update102

oracle openjdkMatch8update112

oracle openjdkMatch8update152

oracle openjdkMatch8update162

oracle openjdkMatch8update172

oracle openjdkMatch8update192

oracle openjdkMatch8update20

oracle openjdkMatch8update202

oracle openjdkMatch8update212

oracle openjdkMatch8update222

oracle openjdkMatch8update232

oracle openjdkMatch8update40

oracle openjdkMatch8update60

oracle openjdkMatch8update66

oracle openjdkMatch8update72

oracle openjdkMatch8update92

oracle openjdkMatch11

oracle openjdkMatch11.0.1

oracle openjdkMatch11.0.2

oracle openjdkMatch11.0.3

oracle openjdkMatch11.0.4

oracle openjdkMatch11.0.5

oracle openjdkMatch13

oracle openjdkMatch13.0.1

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

Node

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch19.10

Node

opensuse leapMatch15.1

Node

mcafee epolicy_orchestratorMatch5.9.0

mcafee epolicy_orchestratorMatch5.9.1

mcafee epolicy_orchestratorMatch5.10.0-

mcafee epolicy_orchestratorMatch5.10.0update_1

mcafee epolicy_orchestratorMatch5.10.0update_2

mcafee epolicy_orchestratorMatch5.10.0update_3

mcafee epolicy_orchestratorMatch5.10.0update_4

mcafee epolicy_orchestratorMatch5.10.0update_5

mcafee epolicy_orchestratorMatch5.10.0update_6

Node

netapp active_iq_unified_managerRange7.3≥windows

netapp active_iq_unified_managerRange9.5≥vmware_vsphere

netapp e-series_performance_analyzerMatch-

netapp e-series_santricity_managementMatch-vmware_vcenter

netapp e-series_santricity_os_controllerRange11.0.0–11.60.3

netapp e-series_santricity_storage_managerMatch-

netapp e-series_santricity_web_servicesMatch-web_services_proxy

netapp oncommand_insightMatch-

netapp oncommand_workflow_automationMatch-

netapp santricity_unified_managerMatch-

netapp steelstore_cloud_integrated_storageMatch-

[
  {
    "product": "Java",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Java SE: 7u241, 8u231, 11.0.5, 13.0.1"
      },
      {
        "status": "affected",
        "version": "Java SE Embedded: 8u231"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2020:0541
debian	www.debian.org/security/2020/dsa-4621
debian	www.debian.org/security/2020/dsa-4605
lists	www.lists.debian.org/debian-lts-announce/2020/02/msg00034.html
access	www.access.redhat.com/errata/RHSA-2020:0122
kc	www.kc.mcafee.com/corporate/index
access	www.access.redhat.com/errata/RHSA-2020:0196
access	www.access.redhat.com/errata/RHSA-2020:0632
oracle	www.oracle.com/security-alerts/cpujan2020.html
seclists	www.seclists.org/bugtraq/2020/Feb/22

21 Nov 2024 05:25Current

4.4Medium risk

Vulners AI Score4.4

CVSS 3.13.7

CVSS 24.3

CVSS 33.7

EPSS0.00449

SSVC