Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-13951Uncontrolled Resource Consumption in Apache Openmeetings

CWE-400Uncontrolled Resource Consumption5 documents5 sources
Severity
7.5HIGHNVD
EPSS
73.3%
top 1.20%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apache OpenmeetingsApache Software Foundation Apache Openmeetings
Timeline
PublishedSep 30
Latest updateFeb 10

Description

Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDapache/openmeetings4.0.05.0.0
CVEListV5apache_software_foundation/apache_openmeetingsApache OpenMeetings 4.0.0 - 5.0.0

🔴Vulnerability Details

3
GHSA
Denial of service in Apache OpenMeetings2022-02-10
OSV
Denial of service in Apache OpenMeetings2022-02-10
CVEList
CVE-2020-13951: Attackers can use public NetTest web service of Apache OpenMeetings 42020-09-30

💥Exploits & PoCs

1
Exploit-DB
Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service2020-11-24
CVE-2020-13951 — Uncontrolled Resource Consumption | cvebase