Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2020-14803

Published: 21/10/2020 Updated: 24/02/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Graalvm

Vulnerability Summary

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle graalvm 19.3.3

oracle graalvm 19.3.4

oracle graalvm 20.2.0

oracle graalvm 20.3.0

oracle jdk 7.0

oracle jdk 8.0

oracle jdk 11.0.8

oracle jdk 15.0

oracle jre 7.0

oracle jre 8.0

oracle jre 11.0.8

oracle jre 15.0

netapp 7-mode transition tool -

netapp active iq unified manager

netapp e-series santricity os controller

netapp e-series santricity storage manager -

netapp e-series santricity web services proxy -

netapp hci management node -

netapp oncommand insight -

netapp oncommand unified manager -

netapp santricity cloud connector -

netapp santricity unified manager -

netapp snapmanager -

netapp solidfire -

netapp hci storage node -

debian debian linux 9.0

debian debian linux 10.0

opensuse leap 15.2

Vendor Advisories

Debian Security Advisories: DSA-4779-1 openjdk-11 -- security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which could result in denial of service, information disclosure, bypass of access/sandbox restrictions or the acceptance of untrusted certificates For the stable distribution (buster), these problems have been fixed in version 1109+11-1~deb10u1 We recommend that you upgra ...
Amazon Linux 2: ALAS2-2021-1579
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization) Supported versions that are affected are Java SE: 7u271, 8u261, 1108 and 15; Java SE Embedded: 8u261 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embe ...
Red Hat: Moderate: java-11-openjdk security and bug fix update
Synopsis Moderate: java-11-openjdk security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Moder ...
Red Hat: Moderate: java-11-openjdk security and bug fix update
Synopsis Moderate: java-11-openjdk security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Com ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vu ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Moderate A ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Moderate: java-1.8.0-openjdk security and bug fix update
Synopsis Moderate: java-180-openjdk security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sc ...
Red Hat: Moderate: java-1.8.0-openjdk security update
Synopsis Moderate: java-180-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Moderate: java-11-openjdk security and bug fix update
Synopsis Moderate: java-11-openjdk security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...
Red Hat: Moderate: java-11-openjdk security update
Synopsis Moderate: java-11-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Amazon Linux AMI: ALAS-2021-1460
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization) Supported versions that are affected are Java SE: 7u271, 8u261, 1108 and 15; Java SE Embedded: 8u261 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embe ...
Hitachi Security Advisories: Vulnerability in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
A vulnerability (CVE-2020-14803) exists in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Affected products and versions are listed below Please upgrade your version to the appropriate version, or apply the Workarounds The product name in Hitach ...
Hitachi Security Advisories: Vulnerability in Cosminexus
A vulnerability (CVE-2020-14803) exists in Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java Affected products and versions are listed below Please upgrade your version to the appropriate version These vulnerabilities exist in Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java which is a com ...
Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus
Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803 Affected products and versions are listed below Please upgrade your version to the appropriate versio ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803(*1) Affected products and v ...

References

NVD-CWE-noinfohttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://security.netapp.com/advisory/ntap-20201023-0004/https://www.debian.org/security/2020/dsa-4779https://lists.debian.org/debian-lts-announce/2020/10/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://security.gentoo.org/glsa/202101-19https://nvd.nist.govhttps://www.debian.org/security/2020/dsa-4779
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook