CVE-2020-11973 in Enterprise Manager Base Platforminfo

Summary

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/21/2020

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
168217	Oracle Enterprise Manager Base Platform Reporting deserialization	502	Not defined	Official fix	CVE-2020-11973
163125	Oracle FLEXCUBE Private Banking deserialization	502	Not defined	Official fix	CVE-2020-11973
163018	Oracle Communications Diameter Signaling Router IDIH deserialization	502	Not defined	Official fix	CVE-2020-11973
155278	Apache Camel Netty deserialization	502	Not defined	Official fix	CVE-2020-11973

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!