A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as on the server. This flaw allows a malicious user to craft a denial-of-service attack that makes the service unavailable.
| Vulnerable Product |
|---|
| redhat jboss fuse 6.0.0 |
| redhat single sign-on 7.0 |
| redhat openshift application runtimes - |
| redhat jboss enterprise application platform continuous delivery - |
| redhat amq 2.0 |