Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2020-14664
HistoryJul 15, 2020 - 12:00 a.m.

CVE-2020-14664

2020-07-1500:00:00
ubuntu.com
ubuntu.com
9

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON

Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX).
The supported version that is affected is Java SE: 8u251. Difficult to
exploit vulnerability allows unauthenticated attacker with network access
via multiple protocols to compromise Java SE. Successful attacks require
human interaction from a person other than the attacker and while the
vulnerability is in Java SE, attacks may significantly impact additional
products. Successful attacks of this vulnerability can result in takeover
of Java SE. Note: This vulnerability applies to Java deployments, typically
in clients running sandboxed Java Web Start applications or sandboxed Java
applets, that load and run untrusted code (e.g., code that comes from the
internet) and rely on the Java sandbox for security. This vulnerability
does not apply to Java deployments, typically in servers, that load and run
only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base
Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchopenjfx< anyUNKNOWN

Related

cve 1
openvas 2
prion 1
zdi 1
debiancve 1
veracode 1
redhatcve 1
f5 1
nessus 4
kaspersky 1
gentoo 1
oracle 1
cve
cve
CVE-2020-14664
2020-07-15 18:15:00
openvas
openvas
Oracle Java SE Security Updates - 01 - (cpujul2020) - Windows
2021-08-25 00:00:00
Oracle Java SE Security Updates - 01 - (cpujul2020) - Linux
2021-08-25 00:00:00
prion
prion
Design/Logic Flaw
2020-07-15 18:15:00
zdi
zdi
Oracle Java Runtime Environment HTML Rendering Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-07-20 00:00:00
debiancve
debiancve
CVE-2020-14664
2020-07-15 18:15:00
veracode
veracode
Remote Code Execution (RCE)
2020-12-06 04:09:18
redhatcve
redhatcve
CVE-2020-14664
2020-08-04 17:15:34
f5
f5
K02553911 : Java vulnerabilities CVE-2020-14556, CVE-2020-14583, and CVE-2020-14664
2020-08-14 00:00:00
nessus
nessus
Amazon Corretto Java 8.x < 8.262.10.1 Multiple Vulnerabilities
2022-04-01 00:00:00
Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)
2020-07-17 00:00:00
Oracle Java SE 1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2 Multiple Vulnerabilities (Jul 2020 CPU)
2020-07-16 00:00:00
kaspersky
kaspersky
KLA11867 Multiple vulnerabilities in Oracle Java SE
2020-07-14 00:00:00
gentoo
gentoo
Oracle JDK/JRE: Multiple vulnerabilities
2022-09-25 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON
Related for UB:CVE-2020-14664
cve1openvas2prion1zdi1debiancve1veracode1redhatcve1f51nessus4kaspersky1gentoo1oracle1