fkie_cve-2020-2778
Vulnerability from fkie_nvd
Published
2020-04-15 14:15
Modified
2024-11-21 05:26
Severity ?
Summary
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:jdk:11.0.6:*:*:*:*:*:*:*", matchCriteriaId: "441D7EFC-92F3-4F5B-ADDB-A4BF241F546E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "84457AF5-BF82-449E-8576-F34DD338BBE0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:11.0.6:*:*:*:*:*:*:*", matchCriteriaId: "6E5E08E5-823D-4F57-BA0A-603F8E680419", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "89D95157-3487-4421-A5E3-801B987625B5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", matchCriteriaId: "A8ADAA7A-7951-40D7-B1B1-78944D954209", versionEndIncluding: "11.0.6", versionStartIncluding: "11", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", matchCriteriaId: "ECA4E3C8-0E29-47F3-8FE6-5EB7AB469AAA", versionEndIncluding: "13.0.2", versionStartIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:-:*:*:*:*:*:*", matchCriteriaId: "E78B7C5A-FA51-41E4-AAB0-C6DED2EFCF4C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update1:*:*:*:*:*:*", matchCriteriaId: "02011EDC-20A7-4A16-A592-7C76E0037997", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update10:*:*:*:*:*:*", matchCriteriaId: "AC6D4652-1226-4C60-BEDF-01EBF8AC0849", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update101:*:*:*:*:*:*", matchCriteriaId: "3C1F9ED7-7D93-41F4-9130-15BA734420AC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update11:*:*:*:*:*:*", matchCriteriaId: "1CF9CDF1-95D3-4125-A73F-396D2280FC4E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update111:*:*:*:*:*:*", matchCriteriaId: "A13266DC-F8D9-4F30-987F-65BBEAF8D3A8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update121:*:*:*:*:*:*", matchCriteriaId: "C28388AB-CFC9-4749-A90F-383F5B905EA9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update13:*:*:*:*:*:*", matchCriteriaId: "DA1B00F9-A81C-48B7-8DAA-F394DDF323F3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update131:*:*:*:*:*:*", matchCriteriaId: "CA7AD457-6CE6-4925-8D94-A907B40233D9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update141:*:*:*:*:*:*", matchCriteriaId: "A6F3FDD1-7CAC-4B84-ABB7-64E9D3FBD708", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update15:*:*:*:*:*:*", matchCriteriaId: "5480E5AD-DB46-474A-9B57-84ED088A75FA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update151:*:*:*:*:*:*", matchCriteriaId: "881A4AE9-6012-4E91-98BE-0A352CC20703", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update161:*:*:*:*:*:*", matchCriteriaId: "7E1E1079-57D9-473B-A017-964F4745F329", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update17:*:*:*:*:*:*", matchCriteriaId: "B8D6446E-2915-4F12-87BE-E7420BC2626E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update171:*:*:*:*:*:*", matchCriteriaId: "564EDCE3-16E6-401D-8A43-032D1F8875E1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update181:*:*:*:*:*:*", matchCriteriaId: "08278802-D31B-488A-BA6A-EBC816DF883A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update191:*:*:*:*:*:*", matchCriteriaId: "72BDA05A-C8BD-472E-8465-EE1F3E5D8CF6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update2:*:*:*:*:*:*", matchCriteriaId: "7BBB0969-565E-43E2-B067-A10AAA5F1958", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update201:*:*:*:*:*:*", matchCriteriaId: "D78BE95D-6270-469A-8035-FCDDB398F952", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update21:*:*:*:*:*:*", matchCriteriaId: "88C24F40-3150-4584-93D9-8307DE04EEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update211:*:*:*:*:*:*", matchCriteriaId: "E0FC5A03-FF11-4787-BBF1-3ACF93A21F2D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update221:*:*:*:*:*:*", matchCriteriaId: "19626B36-62FC-4497-A2E1-7D6CD9839B19", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update231:*:*:*:*:*:*", matchCriteriaId: "5713AEBD-35F6-44E8-A0CC-A42830D7AE20", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update241:*:*:*:*:*:*", matchCriteriaId: "8BE0C04B-440E-4B35-ACC8-6264514F764C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update25:*:*:*:*:*:*", matchCriteriaId: "555EC2A6-0475-48ED-AE0C-B306714A9333", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update251:*:*:*:*:*:*", matchCriteriaId: "EC1CF2AD-3F7A-4EF3-BD41-117A21553A9F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update3:*:*:*:*:*:*", matchCriteriaId: "C242D3BE-9114-4A9E-BB78-45754C7CC450", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update4:*:*:*:*:*:*", matchCriteriaId: "D61068FE-18EE-4ADB-BC69-A3ECE8724575", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update40:*:*:*:*:*:*", matchCriteriaId: "EFB59E80-4EC4-4399-BF40-6733E4E475A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update45:*:*:*:*:*:*", matchCriteriaId: "84E31265-22E1-4E91-BFCB-D2AFF445926A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update5:*:*:*:*:*:*", matchCriteriaId: "AB3A58C3-94BB-4120-BE1D-AAF8BBF7F22B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update51:*:*:*:*:*:*", matchCriteriaId: "50319E52-8739-47C5-B61E-3CA9B6A9A48F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update55:*:*:*:*:*:*", matchCriteriaId: "7ED515B9-DC74-4DC5-B98A-08D87D85E11E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update6:*:*:*:*:*:*", matchCriteriaId: "6D1D4868-1F9F-43F7-968C-6469B67D3F1B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update60:*:*:*:*:*:*", matchCriteriaId: "568F1AC4-B0D7-4438-82E5-0E61500F2240", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update65:*:*:*:*:*:*", matchCriteriaId: "F5E99B4A-EDAD-4471-81C4-7E9C775C9D9F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update67:*:*:*:*:*:*", matchCriteriaId: "14E9133E-9FF3-40DB-9A11-7469EF5FD265", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update7:*:*:*:*:*:*", matchCriteriaId: "94834710-3FA9-49D9-8600-B514CBCA4270", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update72:*:*:*:*:*:*", matchCriteriaId: "4228D9E1-7D82-4B49-9669-9CDAD7187432", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update76:*:*:*:*:*:*", matchCriteriaId: "F6231F48-2936-4F7D-96D5-4BA11F78EBE8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update80:*:*:*:*:*:*", matchCriteriaId: "D96D5061-4A81-497E-9AD6-A8381B3B454C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update85:*:*:*:*:*:*", matchCriteriaId: "5345C21E-A01B-43B9-9A20-F2783D921C60", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update9:*:*:*:*:*:*", matchCriteriaId: "B219F360-83BD-4111-AB59-C9D4F55AF4C0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update91:*:*:*:*:*:*", matchCriteriaId: "D25377EA-8E8F-4C76-8EA9-3BBDFB352815", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update95:*:*:*:*:*:*", matchCriteriaId: "59FEFE05-269A-4EAF-A80F-E4C2107B1197", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update97:*:*:*:*:*:*", matchCriteriaId: "E7E2AA7C-F602-4DB7-9EC1-0708C46C253C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:7:update99:*:*:*:*:*:*", matchCriteriaId: "FB70E154-A304-429E-80F5-8D87B00E32D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*", matchCriteriaId: "70892D06-6E75-4425-BBF0-4B684EC62A1C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*", matchCriteriaId: "18DCFF53-B298-4534-AB5C-8A5EF59C616F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*", matchCriteriaId: "083419F8-FDDF-4E36-88F8-857DB317C1D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*", matchCriteriaId: "D7A74F65-57E8-4C9A-BA96-5EF401504F13", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*", matchCriteriaId: "0D0B90FC-57B6-4315-9B29-3C36E58B2CF5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*", matchCriteriaId: "07812576-3C35-404C-A7D7-9BE9E3D76E00", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*", matchCriteriaId: "00C52B1C-5447-4282-9667-9EBE0720B423", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*", matchCriteriaId: "92BB9EB0-0C12-4E77-89EE-FB77097841B8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*", matchCriteriaId: "FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*", matchCriteriaId: "ABC0E7BB-F8B7-4369-9910-71240E4073A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*", matchCriteriaId: "551B2640-8CEC-4C24-AF8B-7A7CEF864D9D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*", matchCriteriaId: "0AE30779-48FB-451E-8CE1-F469F93B8772", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*", matchCriteriaId: "60590FDE-7156-4314-A012-AA38BD2ADDC9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*", matchCriteriaId: "BE51AD3A-8331-4E8F-9DB1-7A0051731DFB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*", matchCriteriaId: "F24F6122-2256-41B6-9033-794C6424ED99", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*", matchCriteriaId: "0EAFA79E-8C7A-48CF-8868-11378FE4B26F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*", matchCriteriaId: "D1D6F19F-59B5-4BB6-AD35-013384025970", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*", matchCriteriaId: "E7BA97BC-3ADA-465A-835B-6C3C5F416B56", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*", matchCriteriaId: "B71F77A4-B7EB-47A1-AAFD-431A7D040B86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*", matchCriteriaId: "91D6BEA9-5943-44A4-946D-CEAA9BA99376", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*", matchCriteriaId: "C079A3E0-44EB-4B9C-B4FC-B7621D165C3B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*", matchCriteriaId: "2CB74086-14B8-4237-8357-E0C6B5BB8313", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*", matchCriteriaId: "3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*", matchCriteriaId: "00C2B9C9-1177-4DA6-96CE-55F37F383F99", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*", matchCriteriaId: "12A3F367-33AD-47C3-BFDC-871A17E72C94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*", matchCriteriaId: "78261932-7373-4F16-91E0-1A72ADBEBC3E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*", matchCriteriaId: "B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*", matchCriteriaId: "F8483034-DD5A-445D-892F-CDE90A7D58EE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*", matchCriteriaId: "8279718F-878F-4868-8859-1728D13CD0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*", matchCriteriaId: "2C024E1A-FD2C-42E8-B227-C2AFD3040436", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*", matchCriteriaId: "4F24389D-DDD0-4204-AA24-31C920A4F47E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*", matchCriteriaId: "966979BE-1F21-4729-B6B8-610F74648344", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*", matchCriteriaId: "F8534265-33BF-460D-BF74-5F55FDE50F29", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*", matchCriteriaId: "F77AFC25-1466-4E56-9D5F-6988F3288E16", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*", matchCriteriaId: "A650BEB8-E56F-4E42-9361-8D2DB083F0F8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*", matchCriteriaId: "799FFECD-E80A-44B3-953D-CDB5E195F3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*", matchCriteriaId: "A7047507-7CAF-4A14-AA9A-5CEF806EDE98", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*", matchCriteriaId: "CFC7B179-95D3-4F94-84F6-73F1034A1AF2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*", matchCriteriaId: "9FB28526-9385-44CA-AF08-1899E6C3AE4D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*", matchCriteriaId: "E26B69E4-0B43-415F-A82B-52FDCB262B3E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*", matchCriteriaId: "27BC4150-70EC-462B-8FC5-20B3442CBB31", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*", matchCriteriaId: "02646989-ECD9-40AE-A83E-EFF4080C69B9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:openjdk:14:*:*:*:*:*:*:*", matchCriteriaId: "F46E15B6-86D8-4B16-B3E9-B1CAAA354E7F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF6650C-558D-45C8-AE7D-136EE70CB6D7", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "8C5DA53D-744B-4087-AEA9-257F18949E4D", versionEndIncluding: "11.70.2", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*", matchCriteriaId: "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*", matchCriteriaId: "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "A372B177-F740-4655-865C-31777A6E140B", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", matchCriteriaId: "64DE38C8-94F1-4860-B045-F33928F676A8", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*", matchCriteriaId: "25BBBC1A-228F-45A6-AE95-DB915EDF84BD", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*", matchCriteriaId: "D239B58A-9386-443D-B579-B56AE2A500BC", versionEndIncluding: "9.0.4", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", }, { lang: "es", value: "Vulnerabilidad en el producto Java SE de Oracle Java SE (componente: JSSE). Las versiones compatibles que están afectadas son Java SE: 11.0.6 y 14. Una vulnerabilidad difícil de explotar permite a un atacante no autenticado con acceso a la red por medio de HTTPS comprometer a Java SE. Los ataques con éxito de esta vulnerabilidad pueden resultar en un acceso de lectura no autorizado a un subconjunto de datos accesibles de Java SE. Nota: Se aplica a la implementación de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada por medio de aplicaciones Java Web Start dentro del sandbox y applets de Java dentro del sandbox. También puede ser explotada al proporcionar datos hacia las API en el Componente especificado sin usar aplicaciones de Java Web Start dentro del sandbox o applets de Java dentro del sandbox, tal y como por medio de un servicio web. CVSS 3.0 Puntuación Base 3.7 (Impactos de la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", }, ], id: "CVE-2020-2778", lastModified: "2024-11-21T05:26:14.757", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "secalert_us@oracle.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T14:15:26.843", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00000.html", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0004/", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4337-1/", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4662", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4337-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.