CVE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:jdk:1.7.0:update261:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update251:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:11.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:14.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update251:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:17

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/', 'name': 'FEDORA-2020-5d0b4a2b5b', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/', 'name': 'FEDORA-2020-93cc9c3ef2', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFJPOYF3CWYEPCDOAOCNFJTQIKKWPHW/', 'name': 'FEDORA-2020-e418151dc3', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/', 'name': 'FEDORA-2020-508df53719', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFJPOYF3CWYEPCDOAOCNFJTQIKKWPHW/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/ -

27 Oct 2022, 23:00

Type Values Removed Values Added
First Time Netapp cloud Backup
Netapp oncommand Workflow Automation
Netapp storagegrid
Netapp 7-mode Transition Tool
Netapp oncommand Insight
Netapp steelstore Cloud Integrated Storage
Netapp active Iq Unified Manager
Netapp e-series Performance Analyzer
Netapp santricity Unified Manager
Netapp cloud Secure Agent
Netapp snapmanager
Netapp e-series Santricity Web Services
References (GENTOO) https://security.gentoo.org/glsa/202209-15 - (GENTOO) https://security.gentoo.org/glsa/202209-15 - Third Party Advisory
CPE cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*

25 Sep 2022, 16:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202209-15 -

01 Jul 2022, 19:45

Type Values Removed Values Added
First Time Fedoraproject
Fedoraproject fedora
Opensuse leap
Debian
Opensuse
Canonical
Canonical ubuntu Linux
Debian debian Linux
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00019.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00019.html - Mailing List, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/08/msg00021.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/08/msg00021.html - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFJPOYF3CWYEPCDOAOCNFJTQIKKWPHW/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFJPOYF3CWYEPCDOAOCNFJTQIKKWPHW/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQUMIAON2YEFRONMIUVHAKYCIOLICDBA/ - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4453-1/ - (UBUNTU) https://usn.ubuntu.com/4453-1/ - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2020/dsa-4734 - (DEBIAN) https://www.debian.org/security/2020/dsa-4734 - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00027.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00027.html - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4433-1/ - (UBUNTU) https://usn.ubuntu.com/4433-1/ - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/ - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html - Mailing List, Third Party Advisory
CPE cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

13 May 2022, 14:57

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:jdk:1.7.0:update_261:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update_251:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update251:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update261:*:*:*:*:*:*

13 May 2022, 12:55

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:jdk:1.8.0:update_251:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:1.8.0:update251:*:*:*:*:*:*

Information

Published : 2020-07-15 18:15

Updated : 2023-12-10 13:27


NVD link : CVE-2020-14577

Mitre link : CVE-2020-14577

CVE.ORG link : CVE-2020-14577


JSON object : View

Products Affected

netapp

  • cloud_secure_agent
  • snapmanager
  • cloud_backup
  • storagegrid
  • santricity_unified_manager
  • steelstore_cloud_integrated_storage
  • oncommand_workflow_automation
  • e-series_performance_analyzer
  • oncommand_insight
  • e-series_santricity_os_controller
  • active_iq_unified_manager
  • 7-mode_transition_tool
  • e-series_santricity_web_services

canonical

  • ubuntu_linux

oracle

  • jdk
  • jre

opensuse

  • leap

debian

  • debian_linux

fedoraproject

  • fedora