VWE-2019-5463 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2019-5463
This page is a chapter in Info Known Vulnerabilities

This page has been seen 314,307 times.

    • Created by on
Common NameNone
VWE-IDVWE-2019-5463
Related ReportNone
SeverityHIGH
Exploit DifficultyEASY
PlatformAffects all platforms supported by the vulnerable versions.
DescriptionDenial of Service Amplification. Content updates that affect a large number of feeds may take an infinite number of deferred requests to apply those updates.
DiscoveredDecember 30, 2019
ResolvedFebruary 5, 2020
Patches Available4.1.0 RC 1
WorkaroundUse permissions to prevent non-admin users from adding entries to feeds. Admins not to add the same content items to more than a handful of feeds.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.