5.3
CVE-2020-13956
- EPSS 0.51%
- Veröffentlicht 02.12.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:02:13
- Quelle security@apache.org
- Teams Watchlist Login
- Unerledigt Login
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ Httpclient Version < 4.5.13
Apache ≫ Httpclient Version >= 5.0.0 < 5.0.3
Oracle ≫ Data Integrator Version12.2.1.3.0
Oracle ≫ Data Integrator Version12.2.1.4.0
Oracle ≫ Jd Edwards Enterpriseone Orchestrator Version < 9.2.6.0
Oracle ≫ Jd Edwards Enterpriseone Tools Version < 9.2.6.0
Oracle ≫ Nosql Database Version < 20.3
Oracle ≫ Peoplesoft Enterprise Peopletools Version8.57
Oracle ≫ Peoplesoft Enterprise Peopletools Version8.58
Oracle ≫ Peoplesoft Enterprise Pt Peopletools Version8.57
Oracle ≫ Peoplesoft Enterprise Pt Peopletools Version8.58
Oracle ≫ Peoplesoft Enterprise Pt Peopletools Version8.59
Oracle ≫ Primavera Unifier Version >= 17.7 <= 17.12
Oracle ≫ Primavera Unifier Version16.1
Oracle ≫ Primavera Unifier Version16.2
Oracle ≫ Primavera Unifier Version18.8
Oracle ≫ Primavera Unifier Version19.12
Oracle ≫ Primavera Unifier Version20.12
Oracle ≫ Retail Customer Management And Segmentation Foundation Version >= 16.0 <= 19.0
Oracle ≫ Spatial Studio Version < 20.1.1
Oracle ≫ Sql Developer Version < 20.4.1.407.0006
Netapp ≫ Active Iq Unified Manager Version- SwPlatformlinux
Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere
Netapp ≫ Active Iq Unified Manager Version- SwPlatformwindows
Netapp ≫ Snapcenter Version-
Oracle ≫ Commerce Guided Search Version11.3.2
Oracle ≫ Communications Cloud Native Core Service Communication Proxy Version1.14.0
Oracle ≫ Sql Developer Version < 21.99
Oracle ≫ Weblogic Server Version12.2.1.4.0
Oracle ≫ Weblogic Server Version14.1.1.0.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.51% | 0.652 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|