How severe is CVE-2020-2764?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2020-2764?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2020-2764

LOW Year: 2020

CVSS v3 Score

3.7

Low

CVSS v2 Score

4.3

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). The supported version that is affected is Java Advanced Management Console: 2.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

CVE-2005-4780

LOW

CVSS:3.7(Low)

Cross-site scripting (XSS) vulnerability in Fidra Lighthouse CMS 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a query_string to the home...

NVD-CWE-Other2005

CVE-2016-0671

LOW

CVSS:3.7(Low)

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.

NVD-CWE-Other2016

CVE-2016-0688

LOW

CVSS:3.7(Low)

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Compone...

NVD-CWE-Other2016

CVE-2016-1133

LOW

CVSS:3.7(Low)

CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP...

NVD-CWE-Other2016

CVE-2016-1899

LOW

CVSS:3.7(Low)

CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XS...

NVD-CWE-Other2016

CVE-2016-1900

LOW

CVSS:3.7(Low)

CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP header...

NVD-CWE-Other2016

CVE-2020-2764

Vulnerability Description

Related Vulnerabilities

CVE-2005-4780

CVE-2016-0671

CVE-2016-0688

CVE-2016-1133

CVE-2016-1899

CVE-2016-1900