Authorization Bypass

2020-01-1701:47:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

28.5%

JSON

openjdk is vulnerable to authorization bypass. Improper checks of SASL message properties in GssKrb5Base allows an attacker to perform unauthorized update, insert or delete of data.

CPENameOperatorVersion
java-11-openjdkeq11.0.5.10__2.el8_1
java-11-openjdkeq11.0.4.11__0.el7_6
java-11-openjdkeq11.0.2.7__0.el7_6
java-11-openjdkeq11.0.5.10__0.el7_7
java-11-openjdkeq11.0.5.10__0.el8_0
java-11-openjdkeq11.0.3.7__2.el8_0
java-11-openjdkeq11.0.1.13__3.el7_6
java-11-openjdkeq11.0.4.11__1.el7_7
java-11-openjdkeq11.0.3.7__1.el7
java-11-openjdkeq11.0.2.7__2.el8

Name	Operator	Version
java-11-openjdk	eq	11.0.5.10__2.el8_1
java-11-openjdk	eq	11.0.4.11__0.el7_6
java-11-openjdk	eq	11.0.2.7__0.el7_6
java-11-openjdk	eq	11.0.5.10__0.el7_7
java-11-openjdk	eq	11.0.5.10__0.el8_0
java-11-openjdk	eq	11.0.3.7__2.el8_0
java-11-openjdk	eq	11.0.1.13__3.el7_6
java-11-openjdk	eq	11.0.4.11__1.el7_7
java-11-openjdk	eq	11.0.3.7__1.el7
java-11-openjdk	eq	11.0.2.7__2.el8