CVE-2021-4213

EPSS 1.2%CWE-401

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

24 ago 2022Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

Productos afectados

n/a · JSS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://access.redhat.com/security/cve/CVE-2021-4213 https://bugzilla.redhat.com/show_bug.cgi?id=2042900 https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2 https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448 https://security-tracker.debian.org/tracker/CVE-2021-4213