Lucene search

OracleCVE-2020-2816

HistoryApr 15, 2020 - 2:15 p.m.

CVE-2020-2816

2020-04-1514:15:29

oracle

web.nvd.nist.gov

263

cve-2020-2816

oracle

java se

jsse

vulnerability

unauthorized access

data compromise

security issue

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

52.4%

JSON

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Affected configurations

Nvd

Vulners

Node

oraclejdkMatch11.0.6

oraclejdkMatch14.0.0

oraclejreMatch11.0.6

oraclejreMatch14.0.0

Node

oracleopenjdkRange11–11.0.6

oracleopenjdkRange13–13.0.2

oracleopenjdkMatch7-

oracleopenjdkMatch7update1

oracleopenjdkMatch7update10

oracleopenjdkMatch7update101

oracleopenjdkMatch7update11

oracleopenjdkMatch7update111

oracleopenjdkMatch7update121

oracleopenjdkMatch7update13

oracleopenjdkMatch7update131

oracleopenjdkMatch7update141

oracleopenjdkMatch7update15

oracleopenjdkMatch7update151

oracleopenjdkMatch7update161

oracleopenjdkMatch7update17

oracleopenjdkMatch7update171

oracleopenjdkMatch7update181

oracleopenjdkMatch7update191

oracleopenjdkMatch7update2

oracleopenjdkMatch7update201

oracleopenjdkMatch7update21

oracleopenjdkMatch7update211

oracleopenjdkMatch7update221

oracleopenjdkMatch7update231

oracleopenjdkMatch7update241

oracleopenjdkMatch7update25

oracleopenjdkMatch7update251

oracleopenjdkMatch7update3

oracleopenjdkMatch7update4

oracleopenjdkMatch7update40

oracleopenjdkMatch7update45

oracleopenjdkMatch7update5

oracleopenjdkMatch7update51

oracleopenjdkMatch7update55

oracleopenjdkMatch7update6

oracleopenjdkMatch7update60

oracleopenjdkMatch7update65

oracleopenjdkMatch7update67

oracleopenjdkMatch7update7

oracleopenjdkMatch7update72

oracleopenjdkMatch7update76

oracleopenjdkMatch7update80

oracleopenjdkMatch7update85

oracleopenjdkMatch7update9

oracleopenjdkMatch7update91

oracleopenjdkMatch7update95

oracleopenjdkMatch7update97

oracleopenjdkMatch7update99

oracleopenjdkMatch8-

oracleopenjdkMatch8update101

oracleopenjdkMatch8update102

oracleopenjdkMatch8update11

oracleopenjdkMatch8update111

oracleopenjdkMatch8update112

oracleopenjdkMatch8update121

oracleopenjdkMatch8update131

oracleopenjdkMatch8update141

oracleopenjdkMatch8update151

oracleopenjdkMatch8update152

oracleopenjdkMatch8update161

oracleopenjdkMatch8update162

oracleopenjdkMatch8update171

oracleopenjdkMatch8update172

oracleopenjdkMatch8update181

oracleopenjdkMatch8update191

oracleopenjdkMatch8update192

oracleopenjdkMatch8update20

oracleopenjdkMatch8update201

oracleopenjdkMatch8update202

oracleopenjdkMatch8update211

oracleopenjdkMatch8update212

oracleopenjdkMatch8update221

oracleopenjdkMatch8update231

oracleopenjdkMatch8update241

oracleopenjdkMatch8update25

oracleopenjdkMatch8update31

oracleopenjdkMatch8update40

oracleopenjdkMatch8update45

oracleopenjdkMatch8update5

oracleopenjdkMatch8update51

oracleopenjdkMatch8update60

oracleopenjdkMatch8update65

oracleopenjdkMatch8update66

oracleopenjdkMatch8update71

oracleopenjdkMatch8update72

oracleopenjdkMatch8update73

oracleopenjdkMatch8update74

oracleopenjdkMatch8update77

oracleopenjdkMatch8update91

oracleopenjdkMatch8update92

oracleopenjdkMatch14

Node

netapp7-mode_transition_toolMatch-

netappactive_iq_unified_managerRange7.3≥windows

netappactive_iq_unified_managerRange9.5≥vsphere

netappcloud_backupMatch-

netappe-series_performance_analyzerMatch-

netappe-series_santricity_os_controllerRange11.0.0–11.60.1

netappe-series_santricity_web_servicesMatch-web_services_proxy

netapponcommand_insightMatch-

netapponcommand_workflow_automationMatch-

netappplug-in_for_symantec_netbackupMatch-

netappsantricity_unified_managerMatch-

netappsnapmanagerMatch-sap

netappsnapmanagerMatch--oracle

netappsteelstore_cloud_integrated_storageMatch-

netappstoragegridRange9.0.0–9.0.4

netappstoragegridMatch-

Node

canonicalubuntu_linuxMatch16.04esm

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch19.10

Node

debiandebian_linuxMatch10.0

opensuseleapMatch15.1

VendorProductVersionCPE
oraclejdk11.0.6cpe:2.3:a:oracle:jdk:11.0.6:*:*:*:*:*:*:*
oraclejdk14.0.0cpe:2.3:a:oracle:jdk:14.0.0:*:*:*:*:*:*:*
oraclejre11.0.6cpe:2.3:a:oracle:jre:11.0.6:*:*:*:*:*:*:*
oraclejre14.0.0cpe:2.3:a:oracle:jre:14.0.0:*:*:*:*:*:*:*
oracleopenjdk*cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*
oracleopenjdk7cpe:2.3:a:oracle:openjdk:7:-:*:*:*:*:*:*
oracleopenjdk7cpe:2.3:a:oracle:openjdk:7:update1:*:*:*:*:*:*
oracleopenjdk7cpe:2.3:a:oracle:openjdk:7:update10:*:*:*:*:*:*
oracleopenjdk7cpe:2.3:a:oracle:openjdk:7:update101:*:*:*:*:*:*
oracleopenjdk7cpe:2.3:a:oracle:openjdk:7:update11:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	11.0.6	cpe:2.3:a:oracle:jdk:11.0.6:::::::*
oracle	jdk	14.0.0	cpe:2.3:a:oracle:jdk:14.0.0:::::::*
oracle	jre	11.0.6	cpe:2.3:a:oracle:jre:11.0.6:::::::*
oracle	jre	14.0.0	cpe:2.3:a:oracle:jre:14.0.0:::::::*
oracle	openjdk	*	cpe:2.3:a:oracle:openjdk::::::::
oracle	openjdk	7	cpe:2.3:a:oracle:openjdk:7:-::::::
oracle	openjdk	7	cpe:2.3:a:oracle:openjdk:7:update1::::::
oracle	openjdk	7	cpe:2.3:a:oracle:openjdk:7:update10::::::
oracle	openjdk	7	cpe:2.3:a:oracle:openjdk:7:update101::::::
oracle	openjdk	7	cpe:2.3:a:oracle:openjdk:7:update11::::::

Rows per page:

1-10 of 1161

CNA Affected

[
  {
    "product": "Java",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Java SE: 11.0.6, 14"
      }
    ]
  }
]