Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-2583
HistoryJan 15, 2020 - 5:15 p.m.

CVE-2020-2583

2020-01-1517:15:19
CWE-755
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Affected configurations

NVD
Node
oraclejdkMatch1.7.0update241
OR
oraclejdkMatch1.8.0update231
OR
oraclejdkMatch11.0.5
OR
oraclejdkMatch13.0.1
OR
oraclejreMatch1.7.0update_241
OR
oraclejreMatch1.8.0update_231
OR
oraclejreMatch11.0.5
OR
oraclejreMatch13.0.1
Node
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_eusMatch7.7
OR
redhatenterprise_linux_eusMatch8.1
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch7.7
OR
redhatenterprise_linux_server_tusMatch7.7
OR
redhatenterprise_linux_workstationMatch6.0
OR
redhatenterprise_linux_workstationMatch7.0
Node
oracleopenjdkMatch7-
OR
oracleopenjdkMatch7update241
OR
oracleopenjdkMatch7update80
OR
oracleopenjdkMatch7update85
OR
oracleopenjdkMatch8-
OR
oracleopenjdkMatch8update102
OR
oracleopenjdkMatch8update112
OR
oracleopenjdkMatch8update152
OR
oracleopenjdkMatch8update162
OR
oracleopenjdkMatch8update172
OR
oracleopenjdkMatch8update192
OR
oracleopenjdkMatch8update20
OR
oracleopenjdkMatch8update202
OR
oracleopenjdkMatch8update212
OR
oracleopenjdkMatch8update222
OR
oracleopenjdkMatch8update232
OR
oracleopenjdkMatch8update40
OR
oracleopenjdkMatch8update60
OR
oracleopenjdkMatch8update66
OR
oracleopenjdkMatch8update72
OR
oracleopenjdkMatch8update92
OR
oracleopenjdkMatch11
OR
oracleopenjdkMatch11.0.1
OR
oracleopenjdkMatch11.0.2
OR
oracleopenjdkMatch11.0.3
OR
oracleopenjdkMatch11.0.4
OR
oracleopenjdkMatch11.0.5
OR
oracleopenjdkMatch13
OR
oracleopenjdkMatch13.0.1
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.10
Node
opensuseleapMatch15.1
Node
mcafeeepolicy_orchestratorMatch5.9.0
OR
mcafeeepolicy_orchestratorMatch5.9.1
OR
mcafeeepolicy_orchestratorMatch5.10.0-
OR
mcafeeepolicy_orchestratorMatch5.10.0update_1
OR
mcafeeepolicy_orchestratorMatch5.10.0update_2
OR
mcafeeepolicy_orchestratorMatch5.10.0update_3
OR
mcafeeepolicy_orchestratorMatch5.10.0update_4
OR
mcafeeepolicy_orchestratorMatch5.10.0update_5
OR
mcafeeepolicy_orchestratorMatch5.10.0update_6
OR
netappactive_iq_unified_managerRange7.3windows
OR
netappactive_iq_unified_managerRange9.5vmware_vsphere
OR
netappe-series_performance_analyzerMatch-
OR
netappe-series_santricity_managementMatch-vmware_vcenter
OR
netappe-series_santricity_os_controllerRange11.0.011.60.3
OR
netappe-series_santricity_storage_managerMatch-
OR
netappe-series_santricity_web_servicesMatch-web_services_proxy
OR
netapponcommand_insightMatch-
OR
netapponcommand_workflow_automationMatch-
OR
netappsantricity_unified_managerMatch-
OR
netappsteelstore_cloud_integrated_storageMatch-

References

Related

debiancve 1
redhatcve 1
prion 1
ibm 58
osv 4
veracode 1
cve 1
symantec 1
cvelist 1
alpinelinux 1
ubuntucve 1
f5 1
openvas 26
redhat 15
nessus 62
centos 5
suse 2
amazon 4
debian 3
mageia 1
oraclelinux 7
ubuntu 1
kaspersky 1
debiancve
debiancve
CVE-2020-2583
2020-01-15 17:15:19
redhatcve
redhatcve
CVE-2020-2583
2020-03-29 13:59:02
prion
prion
Design/Logic Flaw
2020-01-15 17:15:00
ibm
ibm
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - Includes Oracle Jan 2020 CPU affect IBM Content Classification
2020-07-17 12:03:32
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Jan 2020 CPU (CVE-2020-2583, CVE-2019-4732)
2020-07-24 22:19:08
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jan 2020 CPU (CVE-2020-2583, CVE-2019-4732)
2020-07-24 22:19:08
osv
osv
CVE-2020-2583
2020-01-15 17:15:19
openjdk-11 - security update
2020-01-19 00:00:00
openjdk-7 - security update
2020-02-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-01-17 01:47:09
cve
cve
CVE-2020-2583
2020-01-15 17:15:19
symantec
symantec
Oracle Java SE/Java SE Embedded CVE-2020-2583 Remote Security Vulnerability
2020-01-14 00:00:00
cvelist
cvelist
CVE-2020-2583
2020-01-15 16:34:02
alpinelinux
alpinelinux
CVE-2020-2583
2020-01-15 17:15:19
ubuntucve
ubuntucve
CVE-2020-2583
2020-01-15 00:00:00
f5
f5
K62103028 : Multiple Java vulnerabilities CVE-2020-2583, CVE-2020-2590, CVE-2020-2593
2021-03-26 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:14287-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0456-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0466-1)
2021-04-19 00:00:00
redhat
redhat
(RHSA-2020:0856) Important: java-1.8.0-ibm security update
2020-03-17 12:43:46
(RHSA-2020:0470) Important: java-1.8.0-ibm security update
2020-02-11 08:12:06
(RHSA-2020:0467) Important: java-1.7.1-ibm security update
2020-02-11 08:07:44
nessus
nessus
SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2020:0456-1)
2020-02-26 00:00:00
RHEL 8 : java-1.8.0-ibm (RHSA-2020:0465)
2020-02-12 00:00:00
RHEL 6 : java-1.7.1-ibm (RHSA-2020:0467)
2020-02-12 00:00:00
centos
centos
java security update
2020-01-28 21:30:06
java security update
2020-01-28 21:23:05
java security update
2020-01-18 14:53:03
suse
suse
Security update for java-11-openjdk (important)
2020-01-28 00:00:00
Security update for java-1_8_0-openjdk (important)
2020-01-29 00:00:00
amazon
amazon
Important: java-1.8.0-openjdk
2020-02-20 01:00:00
Important: java-1.8.0-openjdk
2020-02-17 19:51:00
Important: java-1.7.0-openjdk
2020-03-16 20:58:00
debian
debian
[SECURITY] [DSA 4621-1] openjdk-8 security update
2020-02-12 22:14:32
[SECURITY] [DSA 4605-1] openjdk-11 security update
2020-01-19 21:52:05
[SECURITY] [DLA 2128-1] openjdk-7 security update
2020-02-29 12:18:39
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2020-01-30 21:28:34
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2020-02-19 00:00:00
java-1.7.0-openjdk security update
2020-02-27 00:00:00
java-11-openjdk security update
2020-01-16 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2020-01-28 00:00:00
kaspersky
kaspersky
KLA11646 Multiple vulnerabilities in Oracle JRE
2020-01-05 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON
Related for NVD:CVE-2020-2583
debiancve1redhatcve1prion1ibm58osv4veracode1cve1symantec1cvelist1alpinelinux1ubuntucve1f51openvas26redhat15nessus62centos5suse2amazon4debian3mageia1oraclelinux7ubuntu1kaspersky1