Описание
Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.10 (исключая)
cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00081
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-20
Связанные уязвимости
redhat
почти 11 лет назад
Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.
CVSS3: 5.5
debian
около 8 лет назад
Apache Karaf before 4.0.10 enables a shutdown port on the loopback int ...
EPSS
Процентиль: 24%
0.00081
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-20