Skip to main content

Java Software Development Kit

4 CVEs product

Monthly

CVE-2019-0741 HIGH PATCH This Week

An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Microsoft Information Disclosure Java Software Development Kit
NVD
CVSS 3.0
7.5
EPSS
7.4%
CVE-2019-0729 CRITICAL PATCH Act Now

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Microsoft Information Disclosure Java Software Development Kit
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2018-8479 MEDIUM PATCH This Month

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure C Software Development Kit Java Software Development Kit
NVD
CVSS 3.0
5.6
EPSS
2.1%
CVE-2018-8119 MEDIUM PATCH This Month

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability.". Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Java Microsoft Information Disclosure C Software Development Kit Csharp Software Development Kit +1
NVD
CVSS 3.0
5.6
EPSS
1.1%
EPSS 7% CVSS 7.5
HIGH PATCH This Week

An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Microsoft Information Disclosure +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 5.6
MEDIUM PATCH This Month

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure C Software Development Kit +1
NVD
EPSS 1% CVSS 5.6
MEDIUM PATCH This Month

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability.". Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Java Microsoft Information Disclosure +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy