Authorization Bypass

🗓️ 23 Oct 2020 08:58:26Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 29 Views

OpenJDK vulnerability authorization bypass missing permission chec

Reporter	Title	Published	Views	Family All 314
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager	25 Nov 202109:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester	5 Apr 202107:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Oct 2020 CPU	9 Mar 202112:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Transformation Advisor	31 Mar 202114:55	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - affect multiple IBM Continuous Engineering products based on IBM Jazz Technology	1 Dec 202118:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway (CVE-2020-14797, CVE-2020-14779, CVE-2020-14796)	23 Feb 202117:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Privileged Identity Manager is affected by vulnerability in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020	4 Aug 202107:41	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel and Java affect IBM Spectrum Protect Plus	3 Mar 202121:46	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	4 Feb 202116:41	–	ibm

Vulners

Node

openjdk11 openjdk11Match11.0.7_p10-r1os

AND

alpinelinux alpine_linuxMatch3.12

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

alpinelinux alpine_linuxMatch3.12

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.11

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

alpinelinux alpine_linuxMatch3.10

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.11

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.10

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.8

openjdk8 openjdk8Match8.222.10-r0os

AND

alpinelinux alpine_linuxMatch3.7

openjdk8 openjdk8Match8.242.08-r0os

AND

alpinelinux alpine_linuxMatch3.9

openjdk7 openjdk7Match7.221.2.6.18-r2os

AND

openjdk7 openjdk7Match7.221.2.6.18-r0os

AND

openjdk7 openjdk7Match7.221.2.6.18-r1os

AND

alpinelinux alpine_linuxMatchedge

openjdk11 openjdk11Match11.0.7_p10-r1os

AND

openjdk11 openjdk11Match11.0.6_p10-r0os

AND

openjdk11 openjdk11Match11.0.6_p10-r1os

AND

alpinelinux alpine_linuxMatchedge

openjdk8 openjdk8Match8.242.08-r0os

AND

openjdk8 openjdk8Match8.242.08-r1os

AND

openjdk8 openjdk8Match8.242.08-r2os

AND

alpinelinux alpine_linuxMatchedge

java-11-openjdk java-11-openjdkMatch11.0.8.10_0.el7_8

java-11-openjdk java-11-openjdkMatch11.0.3.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.8.10_1.el7

java-11-openjdk java-11-openjdkMatch11.0.2.7_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.ea.28_7.el7

java-11-openjdk java-11-openjdkMatch11.0.3.7_1.el7

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el7_6

java-11-openjdk java-11-openjdkMatch11.0.4.11_1.el7_7

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el7_7

java-11-openjdk java-11-openjdkMatch11.0.6.10_1.el7_7

java-11-openjdk java-11-openjdkMatch11.0.6.10_3.el7

java-11-openjdk java-11-openjdkMatch11.0.1.13_3.el7_6

java-11-openjdk java-11-openjdkMatch11.0.7.10_4.el7_8

java-11-openjdk java-11-openjdkMatch11.0.3.7_2.el8_0

java-11-openjdk java-11-openjdkMatch11.0.5.10_2.el8_1

java-11-openjdk java-11-openjdkMatch11.0.8.10_5.el8

java-11-openjdk java-11-openjdkMatch11.0.5.10_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.4.11_0.el8_0

java-11-openjdk java-11-openjdkMatch11.0.6.10_4.el8

java-11-openjdk java-11-openjdkMatch11.0.7.10_1.el8_1

java-11-openjdk java-11-openjdkMatch11.0.2.7_2.el8

java-11-openjdk java-11-openjdkMatch11.0.6.10_0.el8_1

java-11-openjdk java-11-openjdkMatch11.0.8.10_0.el8_2

java-11-openjdk java-11-openjdkMatch11.0.8.10_6.el8

java-11-openjdk java-11-openjdkMatch11.0.8.1_0.1.ea.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_7.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_7.b13.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.262.b10_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b03_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el7_5

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_7.b10.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_2.b14.el7_4

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_0.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_1.el7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el7_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_1.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.60_2.b27.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_1.el7_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el7_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_2.b17.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.262.b10_0.el7_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_30.b13.ael7b_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.262.b10_0.el8_2

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b08_0.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.265.b01_4.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el8_1

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el8_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_0.el8_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.265.b01_0.el8_2

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_7.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.265.b01_3.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_4.el8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_3.el8_2

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.265.b01_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.77_0.b03.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.252.b09_2.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.262.b10_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_35.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.45_28.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_3.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.20_3.b26.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_1.b13.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.161_3.b14.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_2.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.191.b12_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.201.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.144_0.b01.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.31_1.b13.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_3.b14.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_2.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_1.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_0.b14.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.232.b09_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.91_1.b14.el6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.131_0.b11.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.181_3.b13.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.212.b04_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.222.b10_0.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.65_0.b17.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.101_3.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.141_3.b16.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_3.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.71_1.b15.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_0.b16.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.151_1.b12.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.171_8.b10.el6_9

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.111_0.b15.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.51_1.b16.el6_7

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_3.b17.el6_6

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.121_0.b13.el6_8

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.242.b07_1.el6_10

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.25_1.b17.el6

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2020/10/msg00031.html
access	www.access.redhat.com/security/updates/classification/
access	www.access.redhat.com/errata/RHSA-2020:4307
debian	www.debian.org/security/2020/dsa-4779
security	www.security.gentoo.org/glsa/202101-19
security	www.security.netapp.com/advisory/ntap-20201023-0004/
oracle	www.oracle.com/security-alerts/cpuoct2020.html
lists	www.lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html

13 May 2022 16:34Current

4.2Medium risk

Vulners AI Score4.2

CVSS 3.13.1

CVSS 22.6

EPSS0.00134

SSVC