9.9
CVE-2022-1699
- EPSS 1.02%
- Veröffentlicht 12.05.2022 16:15:07
- Zuletzt bearbeitet 21.11.2024 06:41:16
- Quelle security@huntr.dev
- CVE-Watchlists
- Unerledigt
LoginUncontrolled Resource Consumption in causefx/organizr
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.02% | 0.59 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| security@huntr.dev | 9.9 | 3.9 | 5.3 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56
https://huntr.dev/bounties/3024b2bb-50ca-46a2-85db-1cc916791cda