Rewterz Threat Advisory – IBM API Connect information disclosure
March 16, 2021Informative Update – Microsoft Exchange One-Click On-Premises Mitigation Tool
March 16, 2021Rewterz Threat Advisory – IBM API Connect information disclosure
March 16, 2021Informative Update – Microsoft Exchange One-Click On-Premises Mitigation Tool
March 16, 2021Severity
High
Analysis Summary
CVE-2021-27576
Apache OpenMeetings is vulnerable to a denial of service, caused by a flaw in the NetTest web service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to overload the bandwidth of the server, and results in a denial of service condition.
Impact
Denial of service
Affected Vendors
Apache
Affected Products
- Apache OpenMeetings 4.0.0
- Apache OpenMeetings 5.0.0
- Apache OpenMeetings 5.1.0
Remediation
Upgrade to the latest version of OpenMeetings (6.0.0 or later)