How severe is CVE-2020-2800?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2020-2800?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-2800

MEDIUM Year: 2020

CVSS v3 Score

4.8

Medium

CVSS v2 Score

5.8

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

CVE-2016-5541

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Di...

NVD-CWE-Other2016

CVE-2017-10063

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Diff...

NVD-CWE-Other2017

CVE-2017-10149

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2...

NVD-CWE-Other2017

CVE-2017-10161

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security). Supported versions that are affected are 6.1.3.0 and 6.2....

NVD-CWE-Other2017

CVE-2017-10386

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.7. Easily exploi...

NVD-CWE-Other2017

CVE-2018-2599

MEDIUM

CVSS:4.8(Medium)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embed...

NVD-CWE-Other2018

CVE-2020-2800

Vulnerability Description

Related Vulnerabilities

CVE-2016-5541

CVE-2017-10063

CVE-2017-10149

CVE-2017-10161

CVE-2017-10386

CVE-2018-2599