CVSS2: 3.5 Low
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS: 0.022 Low
Percentile: 89.6%
OpenAM, provided by ForgeRock, is open source access management software. OpenAM contains a denial-of-service (DoS) vulnerability due to a flaw in processing cookies (CWE-400).
When an OpenAM system is running a “site” configuration with multiple instances, an authenticated attacker may be able to cause a denial-of-service (DoS).
Apply a Patch
Apply the appropriate patch according to the information provided by the developer.