CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11973

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.095

EPSS Ranking 92.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-11973

Apache » Camel » Version: 2.22.0

cpe:2.3:a:apache:camel:2.22.0
Apache » Camel » Version: 2.22.1

cpe:2.3:a:apache:camel:2.22.1
Apache » Camel » Version: 2.22.2

cpe:2.3:a:apache:camel:2.22.2
Apache » Camel » Version: 2.22.3

cpe:2.3:a:apache:camel:2.22.3
Apache » Camel » Version: 2.22.4

cpe:2.3:a:apache:camel:2.22.4
Apache » Camel » Version: 2.22.5

cpe:2.3:a:apache:camel:2.22.5
Apache » Camel » Version: 2.23.0

cpe:2.3:a:apache:camel:2.23.0
Apache » Camel » Version: 2.23.1

cpe:2.3:a:apache:camel:2.23.1
Apache » Camel » Version: 2.23.2

cpe:2.3:a:apache:camel:2.23.2
Apache » Camel » Version: 2.23.3

cpe:2.3:a:apache:camel:2.23.3
Apache » Camel » Version: 2.23.4

cpe:2.3:a:apache:camel:2.23.4
Apache » Camel » Version: 2.24.0

cpe:2.3:a:apache:camel:2.24.0
Apache » Camel » Version: 2.24.1

cpe:2.3:a:apache:camel:2.24.1
Apache » Camel » Version: 2.24.2

cpe:2.3:a:apache:camel:2.24.2
Apache » Camel » Version: 2.24.3

cpe:2.3:a:apache:camel:2.24.3
Apache » Camel » Version: 2.25.0

cpe:2.3:a:apache:camel:2.25.0
Apache » Camel » Version: 3.0.0

cpe:2.3:a:apache:camel:3.0.0
Apache » Camel » Version: 3.0.1

cpe:2.3:a:apache:camel:3.0.1
Apache » Camel » Version: 3.1.0

cpe:2.3:a:apache:camel:3.1.0
Oracle » Communications Diameter Signaling Router » Version: 8.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.0.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.1

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1
Oracle » Communications Diameter Signaling Router » Version: 8.2

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2
Oracle » Communications Diameter Signaling Router » Version: 8.2.1

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1
Oracle » Communications Diameter Signaling Router » Version: 8.2.2

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2
Oracle » Communications Diameter Signaling Router » Version: 8.3

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3
Oracle » Communications Diameter Signaling Router » Version: 8.3.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.4

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4
Oracle » Communications Diameter Signaling Router » Version: 8.4.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.4.0.5

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5
Oracle » Communications Diameter Signaling Router » Version: 8.5.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0
Oracle » Enterprise Manager Base Platform » Version: 13.3.0.0

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0
Oracle » Enterprise Manager Base Platform » Version: 13.4.0.0

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0
Oracle » Flexcube Private Banking » Version: 12.0.0

cpe:2.3:a:oracle:flexcube_private_banking:12.0.0
Oracle » Flexcube Private Banking » Version: 12.1.0

cpe:2.3:a:oracle:flexcube_private_banking:12.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11973

Products

Pricing

Contact Us