Lucene search

K

[email protected]NVD:CVE-2021-4213

HistoryAug 24, 2022 - 4:15 p.m.

CVE-2021-4213

2022-08-2416:15:09

CWE-401

[email protected]

web.nvd.nist.gov

1

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.004 Low

EPSS

Percentile

73.8%

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

Affected configurations

NVD

Node

dogtagpkinetwork_security_services_for_javaRange<4.9.3

OR

dogtagpkinetwork_security_services_for_javaRange5.0.0–5.1.0

Node

redhatenterprise_linuxMatch8.0

Node

debiandebian_linuxMatch10.0

OR

debiandebian_linuxMatch11.0

References

access.redhat.com/security/cve/CVE-2021-4213

bugzilla.redhat.com/show_bug.cgi?id=2042900

github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2

github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448

security-tracker.debian.org/tracker/CVE-2021-4213

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.004 Low

EPSS

Percentile

73.8%

Related for NVD:CVE-2021-4213

ubuntucve1 almalinux1 nessus8 prion1 redhat2 cve1 debiancve1 osv3 redhatcve1 oraclelinux1 rocky1 cvelist1