7.5

CVE-2017-7684

Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheOpenmeetings Version1.0.0
ApacheOpenmeetings Version2.0
ApacheOpenmeetings Version2.1
ApacheOpenmeetings Version2.1.1
ApacheOpenmeetings Version2.2.0
ApacheOpenmeetings Version3.0.0
ApacheOpenmeetings Version3.0.1
ApacheOpenmeetings Version3.0.2
ApacheOpenmeetings Version3.0.3
ApacheOpenmeetings Version3.0.4
ApacheOpenmeetings Version3.0.5
ApacheOpenmeetings Version3.0.6
ApacheOpenmeetings Version3.0.7
ApacheOpenmeetings Version3.1.0
ApacheOpenmeetings Version3.1.1
ApacheOpenmeetings Version3.1.2
ApacheOpenmeetings Version3.1.3
ApacheOpenmeetings Version3.1.4
ApacheOpenmeetings Version3.1.5
ApacheOpenmeetings Version3.2.0
ApacheOpenmeetings Version3.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.81% 0.847
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

http://markmail.org/message/v6dpmrdd6cgg66up
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/99584
Third Party Advisory
VDB Entry