VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-8dca-phs2-aaab

Essentials
Severities (123)
References (20)
Severity details (43)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-8dca-phs2-aaab
Aliases	CVE-2020-10650 GHSA-rpr3-cw39-3pxh GMS-2022-2955
Summary	jackson-databind before 2.9.10.4 vulnerable to unsafe deserialization
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-502	Deserialization of Untrusted Data
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00756	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00756	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00756	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00756	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.00759	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.05253	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
epss	0.09454	https://api.first.org/data/v1/epss?cve=CVE-2020-10650
cvssv3.1	8.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.1	https://github.com/advisories/GHSA-rpr3-cw39-3pxh
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-rpr3-cw39-3pxh
ssvc	Track*	https://github.com/advisories/GHSA-rpr3-cw39-3pxh
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind
cvssv3.1	8.1	https://github.com/FasterXML/jackson-databind
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind
cvssv3.1	8.1	https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef
ssvc	Track*	https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef
cvssv3.1	8.1	https://github.com/FasterXML/jackson-databind/issues/2658
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/issues/2658
ssvc	Track*	https://github.com/FasterXML/jackson-databind/issues/2658
cvssv3.1	8.1	https://github.com/FasterXML/jackson-databind/pull/2864
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/pull/2864
cvssv3.1	8.1	https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19
generic_textual	HIGH	https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19
cvssv3.1	8.1	https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html
ssvc	Track*	https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html
cvssv3.1	8.1	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3.1	8.8	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual	HIGH	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
ssvc	Track*	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3.1	8.1	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3.1	9.8	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual	CRITICAL	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual	HIGH	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3	8.1	https://nvd.nist.gov/vuln/detail/CVE-2020-10650
cvssv3.1	8.1	https://nvd.nist.gov/vuln/detail/CVE-2020-10650
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2020-10650
cvssv3.1	8.1	https://security.netapp.com/advisory/ntap-20230818-0007
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20230818-0007
cvssv3.1	8.1	https://security.netapp.com/advisory/ntap-20230818-0007/
ssvc	Track*	https://security.netapp.com/advisory/ntap-20230818-0007/
cvssv3.1	8.1	https://www.oracle.com/security-alerts/cpujan2021.html
cvssv3.1	9.8	https://www.oracle.com/security-alerts/cpujan2021.html
generic_textual	CRITICAL	https://www.oracle.com/security-alerts/cpujan2021.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpujan2021.html
ssvc	Track*	https://www.oracle.com/security-alerts/cpujan2021.html
cvssv3.1	8.1	https://www.oracle.com/security-alerts/cpuoct2022.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpuoct2022.html
ssvc	Track*	https://www.oracle.com/security-alerts/cpuoct2022.html

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2020-10650
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10650
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/FasterXML/jackson-databind
		https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef
		https://github.com/FasterXML/jackson-databind/issues/2658
		https://github.com/FasterXML/jackson-databind/pull/2864
		https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19
		https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html
		https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
		https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
		https://security.netapp.com/advisory/ntap-20230818-0007
		https://security.netapp.com/advisory/ntap-20230818-0007/
		https://www.oracle.com/security-alerts/cpujan2021.html
		https://www.oracle.com/security-alerts/cpuoct2022.html
cpe:2.3:a:fasterxml:jackson-databind::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
CVE-2020-10650		https://nvd.nist.gov/vuln/detail/CVE-2020-10650
GHSA-rpr3-cw39-3pxh		https://github.com/advisories/GHSA-rpr3-cw39-3pxh

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/advisories/GHSA-rpr3-cw39-3pxh

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://github.com/advisories/GHSA-rpr3-cw39-3pxh

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/FasterXML/jackson-databind

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/issues/2658

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://github.com/FasterXML/jackson-databind/issues/2658

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/pull/2864

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10650

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10650

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20230818-0007

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20230818-0007/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://security.netapp.com/advisory/ntap-20230818-0007/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujan2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujan2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://www.oracle.com/security-alerts/cpujan2021.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2022.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/ Found at https://www.oracle.com/security-alerts/cpuoct2022.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.80895
EPSS Score	0.00756
Published At	Dec. 17, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.