First published: Tue Jan 14 2020(Updated: )
An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10 | 1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10 |
redhat/java | <1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10 | 1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10 |
redhat/java | <1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el6_10 | 1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el6_10 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el6_10 | 1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el6_10 |
redhat/java | <1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7 | 1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7 |
redhat/java | <1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el7_7 | 1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el7_7 |
redhat/java | <1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.4.60-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.6.5-1jpp.1.el7 |
redhat/java | <1.8.0-openjdk-1:1.8.0.242.b08-0.el8_1 | 1.8.0-openjdk-1:1.8.0.242.b08-0.el8_1 |
redhat/java | <1.8.0-ibm-1:1.8.0.6.5-1.el8_1 | 1.8.0-ibm-1:1.8.0.6.5-1.el8_1 |
redhat/java | <1.8.0-openjdk-1:1.8.0.242.b08-0.el8_0 | 1.8.0-openjdk-1:1.8.0.242.b08-0.el8_0 |
debian/openjdk-8 | 8u422-b05-1 | |
Oracle Java SE 7 | =1.7.0-update241 | |
Oracle Java SE 7 | =1.8.0-update231 | |
Oracle JRE | =1.8.0-update231 | |
OpenJDK 8 | =7 | |
OpenJDK 8 | =7-update241 | |
OpenJDK 8 | =7-update80 | |
OpenJDK 8 | =7-update85 | |
OpenJDK 8 | =8 | |
OpenJDK 8 | =8-update102 | |
OpenJDK 8 | =8-update112 | |
OpenJDK 8 | =8-update152 | |
OpenJDK 8 | =8-update162 | |
OpenJDK 8 | =8-update172 | |
OpenJDK 8 | =8-update192 | |
OpenJDK 8 | =8-update20 | |
OpenJDK 8 | =8-update202 | |
OpenJDK 8 | =8-update212 | |
OpenJDK 8 | =8-update222 | |
OpenJDK 8 | =8-update232 | |
OpenJDK 8 | =8-update40 | |
OpenJDK 8 | =8-update60 | |
OpenJDK 8 | =8-update66 | |
OpenJDK 8 | =8-update72 | |
OpenJDK 8 | =8-update92 | |
Debian Linux | =8.0 | |
Debian Linux | =9.0 | |
Ubuntu | =16.04 | |
Ubuntu | =18.04 | |
Ubuntu | =19.10 | |
NetApp Active IQ Unified Manager | >=7.3 | |
NetApp Active IQ Unified Manager for VMware vSphere | >=9.5 | |
NetApp E-Series Performance Analyzer | ||
NetApp E-Series SANtricity Management Plug-ins for VMware vCenter | ||
NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.60.1 | |
NetApp SANtricity Storage Manager | ||
NetApp E-Series SANtricity Web Services | ||
NetApp OnCommand Insight | ||
NetApp OnCommand Workflow Automation | ||
NetApp E-Series SANtricity Unified Manager | ||
NetApp SteelStore Cloud Integrated Storage | ||
SUSE Linux | =15.1 | |
Red Hat Enterprise Linux | =8.0 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Desktop | =7.0 | |
Red Hat Enterprise Linux Server EUS | =7.7 | |
Red Hat Enterprise Linux Server EUS | =8.1 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Server | =7.0 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Workstation | =6.0 | |
Red Hat Enterprise Linux Workstation | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
The vulnerability ID is CVE-2020-2659.
The severity level of CVE-2020-2659 is low, with a severity value of 3.7.
The affected versions are Java SE 7u241 and 8u231, and Java SE Embedded 8u231.
An unauthenticated attacker with network access can exploit CVE-2020-2659 through multiple protocols.
You can find more information about CVE-2020-2659 at the following references: [Oracle Security Alerts](https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA) and [Red Hat Security Advisory](https://access.redhat.com/errata/RHSA-2020:0157,https://access.redhat.com/errata/RHSA-2020:0196).