CVE-2016-7046 Information
Description
Red Hat JBoss Enterprise Application Platform (EAP) 7 when operating as a reverse-proxy with default buffer sizes allows remote attackers to cause a denial of service (CPU and disk consumption) via a long URL.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
http://rhn.redhat.com/errata/RHSA-2016-2640.html http://rhn.redhat.com/errata/RHSA-2016-2641.html http://rhn.redhat.com/errata/RHSA-2016-2642.html http://rhn.redhat.com/errata/RHSA-2016-2657.html http://www.securityfocus.com/bid/93173 https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3458 https://bugzilla.redhat.com/show_bug.cgi?id=1376646
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
5.9
Share on: