6.5
CVE-2021-30129
- EPSS 0.24%
- Veröffentlicht 12.07.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:03:21
- Quelle security@apache.org
- CVE-Watchlists
- Unerledigt
LoginDoS/OOM leak vulnerability in Apache Mina SSHD Server
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Banking Payments Version14.5
Oracle ≫ Banking Trade Finance Version14.5
Oracle ≫ Banking Treasury Management Version14.5
Oracle ≫ Communications Cloud Native Core Console Version1.9.0
Oracle ≫ Flexcube Universal Banking Version >= 14.0.0 <= 14.3.0
Oracle ≫ Flexcube Universal Banking Version14.5
Oracle ≫ Middleware Common Libraries And Tools Version12.2.1.3.0
Oracle ≫ Middleware Common Libraries And Tools Version12.2.1.4.0
Oracle ≫ Middleware Common Libraries And Tools Version14.1.1.0.0
Oracle ≫ Oss Support Tools Version2.12.42
Oracle ≫ Retail Customer Management And Segmentation Foundation Version18.0
Oracle ≫ Retail Customer Management And Segmentation Foundation Version19.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.465 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
CWE-772 Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.