A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Dec 2023, 17:55
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat jboss-ejb-client
|
|
CPE | cpe:2.3:a:redhat:jboss-ejb-client:*:*:*:*:*:*:*:* |
12 Feb 2023, 23:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. |
02 Feb 2023, 21:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A flaw was found in Wildfly's EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability. |
Information
Published : 2020-07-24 16:15
Updated : 2023-12-29 17:55
NVD link : CVE-2020-14297
Mitre link : CVE-2020-14297
CVE.ORG link : CVE-2020-14297
JSON object : View
Products Affected
redhat
- jboss_fuse
- amq
- single_sign-on
- openshift_application_runtimes
- jboss-ejb-client
- jboss_enterprise_application_platform_continuous_delivery
CWE
CWE-400
Uncontrolled Resource Consumption