A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Dec 2023, 17:55
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat jboss-ejb-client
|
|
CPE | cpe:2.3:a:redhat:jboss-ejb-client:*:*:*:*:*:*:*:* |
Information
Published : 2020-07-24 16:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-14297
Mitre link : CVE-2020-14297
CVE.ORG link : CVE-2020-14297
JSON object : View
Products Affected
redhat
- single_sign-on
- openshift_application_runtimes
- jboss-ejb-client
- amq
- jboss_fuse
- jboss_enterprise_application_platform_continuous_delivery
CWE
CWE-400
Uncontrolled Resource Consumption