Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

PT-2020-2597

🗓️ 14 Apr 2020 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity🔗 dbugs.ptsecurity.com👁 4 Views

Insufficient input validation in Oracle Lightweight HTTP Server enables remote data modification, addition, deletion, or read via API input.

Related
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Java SE issues disclosed in the Oracle April 2018 Critical Patch Update affects IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation
18 Jun 201801:43
ibm
IBM Security Bulletins		Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics
4 Nov 202220:17
ibm
IBM Security Bulletins		Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Apr 2020 - Includes Oracle Apr 2020 CPU
17 Jun 202011:16
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i
28 Sep 202015:38
ibm
IBM Security Bulletins		Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oracle Jul 2020 CPU plus one additional vulnerability and Oracle deferred from Jan 2020
13 Feb 202100:52
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems (July2019 updates)
30 Oct 201917:45
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products
12 Apr 201907:10
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products
3 Jul 201803:27
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud
16 Jun 202013:32
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (October 2019, January 2020 and April 2020 CPUs)
17 Jun 202013:44
ibm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
08 May 2026 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 25.8
CVSS 3.18.3
CVSS 34.8
EPSS0.09393
SSVC
Lightweight HTTP ServerOracle Java SEJava SE Embeddedremote data accessapplication programming interface inputaffected versions 7u251 8u241 11.0.6 14
4