Code injection

2014-12-1518:59:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote attackers to cause a denial of service (CPU consumption) by triggering an arbitrary regular-expression match attempt, aka ZEN-15411.

CPENameOperatorVersion
zenoss_coreeq3.0.2
zenoss_coreeq2.4.0
zenoss_coreeq3.1.0
zenoss_coreeq2.5.2
zenoss_corele5.0.0
zenoss_coreeq3.2.1
zenoss_coreeq5.0.0
zenoss_coreeq4.2.4
zenoss_coreeq2.4.5
zenoss_coreeq2.5.0

Name	Operator	Version
zenoss_core	eq	3.0.2
zenoss_core	eq	2.4.0
zenoss_core	eq	3.1.0
zenoss_core	eq	2.5.2
zenoss_core	le	5.0.0
zenoss_core	eq	3.2.1
zenoss_core	eq	5.0.0
zenoss_core	eq	4.2.4
zenoss_core	eq	2.4.5
zenoss_core	eq	2.5.0