Описание
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 0.12.1-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | not-affected | 0.12.1-1 |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
| groovy | ignored | end of life |
Показывать по
4.3 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
An issue was discovered in Prosody before 0.11.9. The proxy65 componen ...
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
Уязвимость компонента proxy65 сервера для Jabber/XMPP Prosody, связанная с отсутствием механизма авторизации, позволяющая нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2
5.3 Medium
CVSS3