Miggo Logo

CVE-2019-12406: Potential DOS attack due to unrestricted attachment count in messages

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.83138%
Published
11/8/2019
Updated
2/1/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.cxf:cxfmaven< 3.2.113.2.11
org.apache.cxf:cxfmaven>= 3.3.0, < 3.3.43.3.4
org.apache.cxf:apache-cxfmaven< 3.2.113.2.11
org.apache.cxf:apache-cxfmaven>= 3.3.0, < 3.3.43.3.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

*p**** *X* ***or* *.*.* *n* *.*.** *o*s not r*stri*t t** num**r o* m*ss*** *tt***m*nts pr*s*nt in * *iv*n m*ss***. T*is l**v*s op*n t** possi*ility o* * **ni*l o* s*rvi** typ* *tt**k, w**r* * m*li*ious us*r *r**ts * m*ss*** *ont*inin* * v*ry l*r** nu

Reasoning

No *n*lysis *v*il**l*