Authorization Bypass

🗓️ 17 Jan 2020 01:47:10Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 30 Views

OpenJDK authorization bypass vulnerabilit

Reporter	Title	Published	Views	Family All 350
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Z Development and Test Environment - April 2020	27 Oct 202013:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF	23 Mar 202016:13	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020	21 May 202015:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (October 2019, January 2020 and April 2020 CPUs)	17 Jun 202013:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center	22 Apr 202020:43	–	ibm
IBM Security Bulletins	Security Bulletin: Java Quarterly CPU affecting Watson Knowledge Catalog for IBM Cloud Pak for Data	28 Apr 202019:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM StoredIQ	10 Jul 202014:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.	27 Mar 202009:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime may affect Tivoli Netcool Performance Manager for Wireless,Oracle January 2020 CPU	13 Aug 202019:22	–	ibm

Vulners

Node

alpinelinux alpine_linuxMatch3.11

alpinelinux alpine_linuxMatch3.9

alpinelinux alpine_linuxMatch3.12

alpinelinux alpine_linuxMatch3.10

alpinelinux alpine_linuxMatch3.8

alpinelinux alpine_linuxMatch3.7

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.11

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.9

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

alpinelinux alpine_linuxMatch3.12

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.10

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.8

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.7

openjdk7 openjdk7Match7.221.2.6.18-r1os

AND

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatchedge

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el7_7

java-11-openjdk java-11-openjdkMatch11.0.2.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.3.7_1.el7

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.4.11_1.el7_7

java-11-openjdk java-11-openjdkMatch11.0.ea.28_7.el7

java-11-openjdk java-11-openjdkMatch11.0.3.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.1.13_3.el7_6

java-11-openjdk java-11-openjdkMatch11.0.3.7_2.el8_0

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.2.7_2.el8

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.5.10_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_3.b14.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_1.b17.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_28.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_1.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_1.b14.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_0.b16.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_0.b14.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_3.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_0.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_35.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.71_1.b15.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.144_0.b01.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_3.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.101_3.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_1.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_0.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_3.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.77_0.b03.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.131_0.b11.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_0.b17.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.20_3.b26.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_3.b17.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_1.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.151_1.b12.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_2.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_3.b14.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_7.b13.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b03_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_7.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_2.b17.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_30.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7_4

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_1.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_7.b10.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.60_2.b27.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_1.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el8_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el8_0

Source	Link
seclists	www.seclists.org/bugtraq/2020/Jan/24
seclists	www.seclists.org/bugtraq/2020/Feb/22
lists	www.lists.debian.org/debian-lts-announce/2020/02/msg00034.html
access	www.access.redhat.com/security/updates/classification/
access	www.access.redhat.com/errata/RHSA-2020:0122
debian	www.debian.org/security/2020/dsa-4605
debian	www.debian.org/security/2020/dsa-4621
security	www.security.gentoo.org/glsa/202101-19
kc	www.kc.mcafee.com/corporate/index
security	www.security.netapp.com/advisory/ntap-20200122-0003/

05 Mar 2021 00:02Current

2.9Low risk

Vulners AI Score2.9

CVSS 34.8

CVSS 25.8

EPSS0.00752

SSVC