CVE-2020-2654

🗓️ 15 Jan 2020 16:34:05Reported by oracleType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 414 Views

Vulnerability in Oracle Java SE allows unauthenticated attacker to cause a partial denial of service (DOS)

Reporter	Title	Published	Views	Family All 403
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590	30 May 202019:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Z Development and Test Environment - April 2020	27 Oct 202013:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager for Wireline April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654	5 Aug 202006:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Kenexa LMS On Premise - CVE-2020-2654 (deferred from Oracle Jan 2020 CPU)	30 Jun 202014:14	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-2654 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	31 Aug 202007:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud	16 Jun 202013:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2020-2654)	22 Jul 202006:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java SDK affect IBM Cloud Manager with OpenStack (CVE-2020-2654)	31 Aug 202013:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654	5 Jun 202015:42	–	ibm

NVD

Vulners

Node

oracle jdkMatch1.7.0update241

oracle jdkMatch1.8.0update231

oracle jdkMatch11.0.5

oracle jdkMatch13.0.1

oracle jreMatch1.7.0update_241

oracle jreMatch1.8.0update_231

oracle jreMatch11.0.5

oracle jreMatch13.0.1

Node

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_eusMatch7.7

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_server_tusMatch7.7

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Node

oracle openjdkMatch7-

oracle openjdkMatch7update241

oracle openjdkMatch7update80

oracle openjdkMatch7update85

oracle openjdkMatch8-

oracle openjdkMatch8update102

oracle openjdkMatch8update112

oracle openjdkMatch8update152

oracle openjdkMatch8update162

oracle openjdkMatch8update172

oracle openjdkMatch8update192

oracle openjdkMatch8update20

oracle openjdkMatch8update202

oracle openjdkMatch8update212

oracle openjdkMatch8update222

oracle openjdkMatch8update232

oracle openjdkMatch8update40

oracle openjdkMatch8update60

oracle openjdkMatch8update66

oracle openjdkMatch8update72

oracle openjdkMatch8update92

oracle openjdkMatch11

oracle openjdkMatch11.0.1

oracle openjdkMatch11.0.2

oracle openjdkMatch11.0.3

oracle openjdkMatch11.0.4

oracle openjdkMatch11.0.5

oracle openjdkMatch13

oracle openjdkMatch13.0.1

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

Node

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch19.10

Node

netapp active_iq_unified_managerRange7.3≥windows

netapp active_iq_unified_managerRange9.5≥vmware_vsphere

netapp e-series_performance_analyzerMatch-

netapp e-series_santricity_management_plug-insMatch-vmware_vcenter

netapp e-series_santricity_os_controllerRange11.0.0–11.60.1

netapp e-series_santricity_storage_managerMatch-

netapp e-series_santricity_web_services_proxyMatch-

netapp oncommand_insightMatch-

netapp oncommand_workflow_automationMatch-

netapp santricity_unified_managerMatch-

netapp steelstore_cloud_integrated_storageMatch-

Node

mcafee epolicy_orchestratorMatch5.9.0

mcafee epolicy_orchestratorMatch5.9.1

mcafee epolicy_orchestratorMatch5.10.0-

mcafee epolicy_orchestratorMatch5.10.0update_1

mcafee epolicy_orchestratorMatch5.10.0update_2

mcafee epolicy_orchestratorMatch5.10.0update_3

mcafee epolicy_orchestratorMatch5.10.0update_4

mcafee epolicy_orchestratorMatch5.10.0update_5

mcafee epolicy_orchestratorMatch5.10.0update_6

Node

opensuse leapMatch15.1

[
  {
    "product": "Java",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Java SE: 7u241, 8u231, 11.0.5, 13.0.1"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2020:0541
debian	www.debian.org/security/2020/dsa-4621
debian	www.debian.org/security/2020/dsa-4605
lists	www.lists.debian.org/debian-lts-announce/2020/02/msg00034.html
access	www.access.redhat.com/errata/RHSA-2020:0122
kc	www.kc.mcafee.com/corporate/index
access	www.access.redhat.com/errata/RHSA-2020:0196
access	www.access.redhat.com/errata/RHSA-2020:0632
oracle	www.oracle.com/security-alerts/cpujan2020.html
seclists	www.seclists.org/bugtraq/2020/Feb/22

21 Nov 2024 05:25Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.13.7

CVSS 24.3

CVSS 33.7

EPSS0.00339

SSVC