CVE-2020-2767

Priority
Description
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult
to exploit vulnerability allows unauthenticated attacker with network
access via HTTPS to compromise Java SE. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to
some of Java SE accessible data as well as unauthorized read access to a
subset of Java SE accessible data. Note: Applies to client and server
deployment of Java. This vulnerability can be exploited through sandboxed
Java Web Start applications and sandboxed Java applets. It can also be
exploited by supplying data to APIs in the specified Component without
using sandboxed Java Web Start applications or sandboxed Java applets, such
as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and
Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Notes
sbeattieonly affects openjdk 11 and 14
Package
Upstream:released (14.0.1+7-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):released (14.0.1+7-1ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):released (14.0.1+7-1ubuntu1)
Package
Upstream:not-affected (openjdk 11 and newer)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (openjdk-11 and newer)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (openjdk-11 and newer)
Ubuntu 19.10 (Eoan Ermine):not-affected (openjdk-11 and newer)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (openjdk-11 and newer)
Ubuntu 20.10 (Groovy Gorilla):not-affected (openjdk-11 and newer)
Package
Upstream:released (11.0.7+10-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (11.0.7+10-2ubuntu2~18.04)
Ubuntu 19.10 (Eoan Ermine):released (11.0.7+10-2ubuntu2~19.10)
Ubuntu 20.04 LTS (Focal Fossa):released (11.0.7+10-2ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):released (11.0.7+10-2ubuntu1)
More Information

Updated: 2020-05-29 00:14:22 UTC (commit 7449d4c0164f389447e661b61727ba1c93f0ab71)