Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-2773
HistoryApr 15, 2020 - 2:15 p.m.

CVE-2020-2773

2020-04-1514:15:26
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.4%

JSON

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Affected configurations

NVD
Node
oraclejdkMatch1.7.0update251
OR
oraclejdkMatch1.8.0update241
OR
oraclejdkMatch11.0.6
OR
oraclejdkMatch14.0.0
OR
oraclejreMatch1.7.0update251
OR
oraclejreMatch1.8.0update241
OR
oraclejreMatch11.0.6
OR
oraclejreMatch14.0.0
Node
oracleopenjdkRange1111.0.6
OR
oracleopenjdkRange1313.0.2
OR
oracleopenjdkMatch7-
OR
oracleopenjdkMatch7update1
OR
oracleopenjdkMatch7update10
OR
oracleopenjdkMatch7update101
OR
oracleopenjdkMatch7update11
OR
oracleopenjdkMatch7update111
OR
oracleopenjdkMatch7update121
OR
oracleopenjdkMatch7update13
OR
oracleopenjdkMatch7update131
OR
oracleopenjdkMatch7update141
OR
oracleopenjdkMatch7update15
OR
oracleopenjdkMatch7update151
OR
oracleopenjdkMatch7update161
OR
oracleopenjdkMatch7update17
OR
oracleopenjdkMatch7update171
OR
oracleopenjdkMatch7update181
OR
oracleopenjdkMatch7update191
OR
oracleopenjdkMatch7update2
OR
oracleopenjdkMatch7update201
OR
oracleopenjdkMatch7update21
OR
oracleopenjdkMatch7update211
OR
oracleopenjdkMatch7update221
OR
oracleopenjdkMatch7update231
OR
oracleopenjdkMatch7update241
OR
oracleopenjdkMatch7update25
OR
oracleopenjdkMatch7update251
OR
oracleopenjdkMatch7update3
OR
oracleopenjdkMatch7update4
OR
oracleopenjdkMatch7update40
OR
oracleopenjdkMatch7update45
OR
oracleopenjdkMatch7update5
OR
oracleopenjdkMatch7update51
OR
oracleopenjdkMatch7update55
OR
oracleopenjdkMatch7update6
OR
oracleopenjdkMatch7update60
OR
oracleopenjdkMatch7update65
OR
oracleopenjdkMatch7update67
OR
oracleopenjdkMatch7update7
OR
oracleopenjdkMatch7update72
OR
oracleopenjdkMatch7update76
OR
oracleopenjdkMatch7update80
OR
oracleopenjdkMatch7update85
OR
oracleopenjdkMatch7update9
OR
oracleopenjdkMatch7update91
OR
oracleopenjdkMatch7update95
OR
oracleopenjdkMatch7update97
OR
oracleopenjdkMatch7update99
OR
oracleopenjdkMatch8-
OR
oracleopenjdkMatch8update101
OR
oracleopenjdkMatch8update102
OR
oracleopenjdkMatch8update11
OR
oracleopenjdkMatch8update111
OR
oracleopenjdkMatch8update112
OR
oracleopenjdkMatch8update121
OR
oracleopenjdkMatch8update131
OR
oracleopenjdkMatch8update141
OR
oracleopenjdkMatch8update151
OR
oracleopenjdkMatch8update152
OR
oracleopenjdkMatch8update161
OR
oracleopenjdkMatch8update162
OR
oracleopenjdkMatch8update171
OR
oracleopenjdkMatch8update172
OR
oracleopenjdkMatch8update181
OR
oracleopenjdkMatch8update191
OR
oracleopenjdkMatch8update192
OR
oracleopenjdkMatch8update20
OR
oracleopenjdkMatch8update201
OR
oracleopenjdkMatch8update202
OR
oracleopenjdkMatch8update211
OR
oracleopenjdkMatch8update212
OR
oracleopenjdkMatch8update221
OR
oracleopenjdkMatch8update231
OR
oracleopenjdkMatch8update241
OR
oracleopenjdkMatch8update25
OR
oracleopenjdkMatch8update31
OR
oracleopenjdkMatch8update40
OR
oracleopenjdkMatch8update45
OR
oracleopenjdkMatch8update5
OR
oracleopenjdkMatch8update51
OR
oracleopenjdkMatch8update60
OR
oracleopenjdkMatch8update65
OR
oracleopenjdkMatch8update66
OR
oracleopenjdkMatch8update71
OR
oracleopenjdkMatch8update72
OR
oracleopenjdkMatch8update73
OR
oracleopenjdkMatch8update74
OR
oracleopenjdkMatch8update77
OR
oracleopenjdkMatch8update91
OR
oracleopenjdkMatch8update92
OR
oracleopenjdkMatch14
Node
fedoraprojectfedoraMatch30
OR
fedoraprojectfedoraMatch31
OR
fedoraprojectfedoraMatch32
Node
opensuseleapMatch15.1
OR
opensuseleapMatch15.2
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.10
Node
mcafeeepolicy_orchestratorMatch5.9.0
OR
mcafeeepolicy_orchestratorMatch5.9.1
OR
mcafeeepolicy_orchestratorMatch5.10.0-
OR
mcafeeepolicy_orchestratorMatch5.10.0update_1
OR
mcafeeepolicy_orchestratorMatch5.10.0update_2
OR
mcafeeepolicy_orchestratorMatch5.10.0update_3
OR
mcafeeepolicy_orchestratorMatch5.10.0update_4
OR
mcafeeepolicy_orchestratorMatch5.10.0update_5
OR
mcafeeepolicy_orchestratorMatch5.10.0update_6
OR
mcafeeepolicy_orchestratorMatch5.10.0update_7
OR
mcafeeepolicy_orchestratorMatch5.10.0update_8
Node
netapp7-mode_transition_toolMatch-
OR
netappactive_iq_unified_managerRange7.3windows
OR
netappactive_iq_unified_managerRange9.5vsphere
OR
netappcloud_backupMatch-
OR
netappcloud_secure_agentMatch-
OR
netappe-series_performance_analyzerMatch-
OR
netappe-series_santricity_os_controllerRange11.0.011.70.2
OR
netappe-series_santricity_web_servicesMatch-web_services_proxy
OR
netapponcommand_insightMatch-
OR
netapponcommand_workflow_automationMatch-
OR
netappsantricity_unified_managerMatch-
OR
netappsnapmanagerMatch-sap
OR
netappsnapmanagerMatch--oracle
OR
netappsteelstore_cloud_integrated_storageMatch-
OR
netappstoragegridRange9.0.09.0.4
OR
netappstoragegridMatch-

References

Related

redhatcve 1
ibm 61
cve 1
osv 4
cvelist 1
ubuntucve 1
veracode 1
alpinelinux 1
prion 1
debiancve 1
f5 1
redhat 12
nessus 57
oraclelinux 7
centos 5
openvas 27
amazon 4
debian 3
fedora 3
aix 1
suse 3
gentoo 1
mageia 1
ubuntu 1
redhatcve
redhatcve
CVE-2020-2773
2020-04-14 22:03:26
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Netcool Impact (CVE-2020-2773)
2021-03-23 16:37:53
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester
2021-08-26 20:11:11
Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11, v12 (CVE-2020-2773)
2021-09-08 13:01:16
cve
cve
CVE-2020-2773
2020-04-15 14:15:26
osv
osv
CVE-2020-2773
2020-04-15 14:15:26
openjdk-7 - security update
2020-04-28 00:00:00
openjdk-8 - security update
2020-04-28 00:00:00
cvelist
cvelist
CVE-2020-2773
2020-04-15 13:29:45
ubuntucve
ubuntucve
CVE-2020-2773
2020-04-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-11 03:22:29
alpinelinux
alpinelinux
CVE-2020-2773
2020-04-15 14:15:26
prion
prion
Design/Logic Flaw
2020-04-15 14:15:00
debiancve
debiancve
CVE-2020-2773
2020-04-15 14:15:26
f5
f5
K91643220 : Java vulnerabilities CVE-2020-2659 and CVE-2020-2773
2021-04-09 00:00:00
redhat
redhat
(RHSA-2021:0717) Critical: java-1.8.0-ibm security update
2021-03-03 20:42:35
(RHSA-2021:0736) Critical: java-1.8.0-ibm security update
2021-03-04 17:36:10
(RHSA-2020:1508) Important: java-1.7.0-openjdk security update
2020-04-21 07:55:40
nessus
nessus
RHEL 8 : java-1.8.0-ibm (RHSA-2021:0736)
2021-03-05 00:00:00
RHEL 7 : java-1.8.0-ibm (RHSA-2021:0717)
2021-03-05 00:00:00
Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64 (20200421)
2020-04-22 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2020-04-21 00:00:00
java-1.7.0-openjdk security update
2020-04-22 00:00:00
java-1.8.0-openjdk security update
2020-04-21 00:00:00
centos
centos
java security update
2020-04-30 19:54:04
java security update
2020-04-28 00:24:04
java security update
2020-04-28 00:26:13
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:1571-1)
2021-04-19 00:00:00
Oracle Java SE Security Update (cpuapr2020 - 01) - Windows
2020-04-15 00:00:00
Oracle Java SE Security Updates - 01 - (cpuapr2020) - Linux
2021-08-24 00:00:00
amazon
amazon
Important: java-1.7.0-openjdk
2020-05-08 20:58:00
Important: java-1.7.0-openjdk
2020-05-08 20:10:00
Important: java-1.8.0-openjdk
2020-05-05 01:18:00
debian
debian
[SECURITY] [DLA 2193-1] openjdk-7 security update
2020-04-29 00:48:53
[SECURITY] [DSA 4668-1] openjdk-8 security update
2020-04-28 19:35:17
[SECURITY] [DSA 4662-1] openjdk-11 security update
2020-04-24 12:55:19
fedora
fedora
[SECURITY] Fedora 32 Update: java-1.8.0-openjdk-1.8.0.252.b09-0.fc32
2020-05-07 03:11:08
[SECURITY] Fedora 31 Update: java-1.8.0-openjdk-1.8.0.252.b09-0.fc31
2020-05-18 03:23:13
[SECURITY] Fedora 30 Update: java-1.8.0-openjdk-1.8.0.252.b09-0.fc30
2020-05-13 03:36:38
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2021-03-15 10:22:29
suse
suse
Security update for java-1_8_0-openj9 (important)
2020-06-24 00:00:00
Security update for java-1_8_0-openjdk (important)
2020-06-13 00:00:00
Security update for java-11-openjdk (important)
2020-06-02 00:00:00
gentoo
gentoo
OpenJDK, IcedTea: Multiple vulnerabilities
2020-06-15 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2020-04-24 20:03:35
ubuntu
ubuntu
OpenJDK vulnerabilities
2020-04-22 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.4%

JSON
Related for NVD:CVE-2020-2773
redhatcve1ibm61cve1osv4cvelist1ubuntucve1veracode1alpinelinux1prion1debiancve1f51redhat12nessus57oraclelinux7centos5openvas27amazon4debian3fedora3aix1suse3gentoo1mageia1ubuntu1