Severity
Medium
Analysis Summary
Red Hat JBoss Enterprise Application Platform is vulnerable to a denial of service because the Enterprise Java Beans (EJB) client in WildFly does not properly remove SessionOpenInvocations. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to make the service unavailable, resulting in a denial-of-service condition.
Impact
Denial of service
Affected Vendors
Red Hat
Affected Products
Red Hat JBoss Enterprise Application Platform 7
Remediation
Upgrade to the latest version of JBoss Enterprise Application Platform.