Authorization Bypass

🗓️ 02 May 2019 05:07:16Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 32 Views

Java vulnerable to authorization bypass through JSSE

Reporter	Title	Published	Views	Family All 294
IBM Security Bulletins	Security Bulletin:Multiple vulnerabilities in IBM Java SDK affect IBM MessageSight (CVE-2014-6593 and CVE-2015-0410)	17 Jun 201815:12	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Image Construction and Composition Tool (CVE-2015-0410 and CVE-2014-6593)	15 Jun 201807:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM Rational ClearCase (CVE-2015-0138)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletins for Emptoris Program Management	8 Dec 201816:15	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9, v7.5 & v7.2.2, IBM Tivoli Asset Discovery for Distributed v7.5 & v7.2.2 and IBM Endpoint Manager for Software Use Analysis v9 - CVE-2014-6593, CVE-2015-0400, C	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator	17 Jun 201822:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (CVE-2014-3566, CVE-2014-6512, CVE-2014-6457 CVE-2015-0410, CVE-2015-6593)	31 Jan 201901:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects Rational Directory Server (CVE-2014-6457, CVE-2014-6593)	17 Jun 201804:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems and AIX (CVE-2015-0410 and CVE-2014-6593)	15 Jun 201807:03	–	ibm

Vulners

Node

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3.3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.3.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.71_2.5.3.2.el6_6

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.71_2.5.3.1.el6

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.4.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.1.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.2.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.7.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.19_2.3.9.1.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.5.3.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el6_3.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.3.el6

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.4.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.65_2.5.1.2.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.2.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.1.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.3_2.1.el6.7

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.8.0.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.71_2.5.3.1.el5_11

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.5.3.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el5.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.19_2.3.9.1.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.7.1.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.2.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.65_2.5.1.2.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.el5_9.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.8.0.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.4.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.5.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.2.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_11.1.13.4.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.8.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.16.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_4.1.13.1.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.33.1.11.6.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_5.1.13.3.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.48.1.11.3.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.31.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.2.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.25.1.10.6.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.23.1.9.10.el5_7

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.24.1.10.4.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.7.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.40.1.9.10.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.36.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.25.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.11.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.42.1.11.14.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.9.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.33_1.13.5.1.el6_6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.7.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.20.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.35.1.11.8.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.30.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_7.1.13.4.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_6.1.13.4.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.50.1.11.5.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.61.1.11.11.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.22.1.9.8.el5_6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.49.1.11.4.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.65.1.11.14.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.43.1.10.6.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.33_1.13.5.0.el6_6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.27.1.10.8.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.42.1.10.4.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_6.1.13.4.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.41.1.10.4.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.54.1.11.6.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.17.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.56.1.11.8.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.18.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.65.1.11.13.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.40.1.11.11.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.62.1.11.11.90.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.10.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_3.1.13.1.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_5.1.13.3.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_3.1.13.1.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.36.1.11.9.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.45.1.11.1.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.33_1.13.5.0.el5_11

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.30.1.11.5.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.57.1.11.9.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.13.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.66.1.13.0.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.41.1.11.11.90.el5_9

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.9.1_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.10.1_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.10.1_1jpp.5.el6_2

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.14.0_1jpp.1.el6_4

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.16.2_1jpp.1.el6

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.4_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.15.0_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.16.0_1jpp.1.el6

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.15.0_1jpp.1.el6

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.9.1_1jpp.1.el6

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.8.1_1jpp.2.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.16.0_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.14.0_1jpp.1.el5_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_3.b17.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.20_3.b26.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_1.b17.el6

Source	Link
securitytracker	www.securitytracker.com/id/1031580
exploit-db	www.exploit-db.com/exploits/38641/
securityfocus	www.securityfocus.com/bid/72169
access	www.access.redhat.com/security/updates/classification/
rhn	www.rhn.redhat.com/errata/RHSA-2015-0067.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
debian	www.debian.org/security/2015/dsa-3144
debian	www.debian.org/security/2015/dsa-3147
security	www.security.gentoo.org/glsa/201507-14
security	www.security.gentoo.org/glsa/201603-14

13 May 2022 16:37Current

4.6Medium risk

Vulners AI Score4.6

CVSS 24

EPSS0.67234