Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
History

Fri, 08 Nov 2024 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Eclipse
Eclipse jetty
Weaknesses CWE-770
CPEs cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*
Vendors & Products Eclipse
Eclipse jetty

Tue, 15 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Oct 2024 01:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Low


Mon, 14 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
Description Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
Title Jetty PushSessionCacheFilter can cause remote DoS attacks
Weaknesses CWE-400
References
Metrics cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: eclipse

Published: 2024-10-14T15:07:10.942Z

Updated: 2024-10-15T17:42:50.434Z

Reserved: 2024-07-15T17:35:50.791Z

Link: CVE-2024-6762

cve-icon Vulnrichment

Updated: 2024-10-15T17:42:46.395Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-14T16:15:03.930

Modified: 2024-11-08T21:29:51.237

Link: CVE-2024-6762

cve-icon Redhat

Severity : Low

Publid Date: 2024-10-14T15:07:10Z

Links: CVE-2024-6762 - Bugzilla