'[oss-security] [ANNOUNCE] CVE-2020-13951 - Apache Openmeetings: DoS via public web service'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] [ANNOUNCE] CVE-2020-13951 - Apache Openmeetings: DoS via public web service
From:       Maxim Solodovnik <solomax () apache ! org>
Date:       2020-09-28 12:04:56
Message-ID: CAJmbs8gsGV2FtFMf8rqmXeZn3Rekm++kC6dP1Z879pH3moew9g () mail ! gmail ! com
[Download RAW message or body]

Severity: High

Vendor: The Apache Software Foundation

Versions Affected: 4.0.0 - 5.0.0

Description: NetTest web service can be used to perform Denial of Service attack
CVE-2020-13951

The issue was fixed in 5.0.1
All users are recommended to upgrade to Apache OpenMeetings 5.0.1

Credit: This issue was identified by Trung Le, Chi Tran, Ngo Van Thien
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic