Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-35492
HistoryOct 05, 2021 - 4:15 p.m.

Design/Logic Flaw

2021-10-0516:15:00
PRIOn knowledge base
www.prio-n.com
3

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability through the Virtual Host Monitoring section by requesting random virtual-host historical data and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. (Manual intervention is required to free filesystem resources and return the application to an operational state.)

CPENameOperatorVersion
streaming_enginele4.8.11

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

Related for PRION:CVE-2021-35492