CVE-2020-36179 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CISA-ADP	ADP	8.8 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Vendor	Product	Version
netapp	cloud_backup	-
netapp	service_level_manager	-
debian	debian_linux	9.0
oracle	agile_plm	9.3.6
oracle	application_testing_suite	13.3.0.1
oracle	autovue_for_agile_product_lifecycle_management	21.0.2
oracle	banking_corporate_lending_process_management	14.2
oracle	banking_corporate_lending_process_management	14.3
oracle	banking_corporate_lending_process_management	14.5
oracle	banking_credit_facilities_process_management	14.2
oracle	banking_credit_facilities_process_management	14.3
oracle	banking_credit_facilities_process_management	14.5
oracle	banking_supply_chain_finance	14.2
oracle	banking_supply_chain_finance	14.3
oracle	banking_supply_chain_finance	14.5
oracle	banking_treasury_management	14.4
oracle	banking_virtual_account_management	14.2.0
oracle	banking_virtual_account_management	14.3.0
oracle	banking_virtual_account_management	14.5.0
oracle	blockchain_platform	𝑥 ≤ 21.1.2
oracle	commerce_platform	11.3.0 ≤ 𝑥 ≤ 11.3.2
oracle	commerce_platform	11.2.0
oracle	communications_billing_and_revenue_management	7.5.0.23.0
oracle	communications_billing_and_revenue_management	12.0.0.3.0
oracle	communications_cloud_native_core_policy	1.14.0
oracle	communications_cloud_native_core_unified_data_repository	1.4.0
oracle	communications_convergent_charging_controller	12.0.4.0.0
oracle	communications_diameter_signaling_route	8.0.0.0 ≤ 𝑥 ≤ 8.5.0.0
oracle	communications_element_manager	8.2.0.0 ≤ 𝑥 ≤ 8.2.4.0
oracle	communications_evolved_communications_application_server	7.1
oracle	communications_instant_messaging_server	10.0.1.5.0
oracle	communications_network_charging_and_control	12.0.4.0.0
oracle	communications_offline_mediation_controller	12.0.0.3
oracle	communications_policy_management	12.5.0
oracle	communications_pricing_design_center	12.0.0.4.0
oracle	communications_services_gatekeeper	7.0
oracle	communications_session_report_manager	8.0.0.0 ≤ 𝑥 ≤ 8.2.2.1
oracle	communications_session_route_manager	8.2.0 ≤ 𝑥 ≤ 8.2.2.1
oracle	communications_unified_inventory_management	7.4.1
oracle	data_integrator	12.2.1.4.0
oracle	goldengate_application_adapters	19.1.0.0.0
oracle	insurance_policy_administration	11.1.0 ≤ 𝑥 ≤ 11.3.0
oracle	insurance_policy_administration	11.0.2
oracle	insurance_rules_palette	11.1.0 ≤ 𝑥 ≤ 11.3.0
oracle	insurance_rules_palette	11.0.2
oracle	jd_edwards_enterpriseone_orchestrator	𝑥 < 9.2.5.3
oracle	jd_edwards_enterpriseone_tools	𝑥 < 9.2.5.3
oracle	primavera_gateway	17.12.0 ≤ 𝑥 ≤ 17.12.11
oracle	primavera_gateway	18.8.0 ≤ 𝑥 ≤ 18.8.11
oracle	primavera_gateway	19.12.0 ≤ 𝑥 ≤ 19.12.10
oracle	primavera_gateway	20.12.0
oracle	primavera_unifier	17.7 ≤ 𝑥 ≤ 17.12
oracle	primavera_unifier	18.8
oracle	primavera_unifier	19.12
oracle	primavera_unifier	20.12
oracle	retail_customer_management_and_segmentation_foundation	16.0 ≤ 𝑥 ≤ 19.0
oracle	retail_merchandising_system	15.0.3
oracle	retail_service_backbone	14.1.3.2
oracle	retail_service_backbone	15.0.3.1
oracle	retail_service_backbone	16.0.3.0
oracle	retail_xstore_point_of_service	16.0.6
oracle	retail_xstore_point_of_service	17.0.4
oracle	retail_xstore_point_of_service	18.0.3
oracle	retail_xstore_point_of_service	19.0.2
oracle	webcenter_portal	12.2.1.3.0
oracle	webcenter_portal	12.2.1.4.0
fasterxml	jackson-databind	2.0.0 ≤ 𝑥 < 2.6.7.5
fasterxml	jackson-databind	2.7.0 ≤ 𝑥 < 2.9.10.8

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

jackson-databind

bullseye (security)	2.12.1-1+deb11u1 fixed
bullseye	2.12.1-1+deb11u1 fixed
sid	2.14.0-1 fixed
trixie	2.14.0-1 fixed
bookworm	2.14.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

jackson-databind

noble	needs-triage
mantic	ignored
lunar	ignored
kinetic	ignored
jammy	needs-triage
impish	ignored
hirsute	ignored
groovy	ignored
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage