CVE-2020-14297

A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss-ejb-client:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*

History

29 Dec 2023, 17:55

Type Values Removed Values Added
First Time Redhat jboss-ejb-client
CPE cpe:2.3:a:redhat:jboss-ejb-client:*:*:*:*:*:*:*:*

Information

Published : 2020-07-24 16:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-14297

Mitre link : CVE-2020-14297

CVE.ORG link : CVE-2020-14297


JSON object : View

Products Affected

redhat

  • single_sign-on
  • openshift_application_runtimes
  • jboss-ejb-client
  • amq
  • jboss_fuse
  • jboss_enterprise_application_platform_continuous_delivery
CWE
CWE-400

Uncontrolled Resource Consumption