Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability - CVE-2023-3171 - Vulnerability Database
Jboss EAP

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability - CVE-2023-3171

High
Reference: CVE-2023-3171
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-3171
Title: Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability
Overview:

A flaw was found in EAP-7 during deserialization of certain classes which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes which could eventually exhaust the heap and result in a Denial of Service.