CVE-2014-7246
The CVE-2014-7246 entry concerns OpenAM Core Server versions 9.5.3–9.5.5, 10.0.0–10.0.2, 10.1.0-Xpress, and 11.0.0–11.0.2. A denial-of-service (infinite loop) can be triggered by a crafted cookie in requests when deployed in a multi-server configuration and accessed by remote authenticated users....