CVE-2022-23913 - Vulnerability Details

Vendors	Products
Apache	Activemq Artemis
Netapp	Active Iq Unified Manager Oncommand Workflow Automation
Redhat	Amq Broker Jboss Enterprise Application Platform Jboss Enterprise Application Platform Eus Jboss Enterprise Bpms Platform Jboss Fuse Red Hat Single Sign On

Package	CPE	Advisory	Released Date
Red Hat AMQ 7.10.0
artemis-commons	cpe:/a:redhat:amq_broker:7	RHSA-2022:5101	2022-06-16T00:00:00Z
Red Hat Fuse 7.11
artemis-commons	cpe:/a:redhat:jboss_fuse:7	RHSA-2022:5532	2022-07-07T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7
artemis-commons	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2022:4922	2022-06-06T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7
eap7-activemq-artemis-0:1.5.5.016-1.redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-artemis-native-1:1.5.5.016-1.redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-jboss-xnio-base-0:3.5.11-1.Final_redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-jsoup-0:1.14.2-1.redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-undertow-0:1.4.18-14.SP13_redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-wildfly-0:7.1.10-2.GA_redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-woodstox-core-0:5.0.3-2.redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
eap7-xml-security-0:2.0.10-2.redhat_00002.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2025:4226	2025-04-28T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7
eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7	RHSA-2025:4437	2025-05-05T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2022:4919	2022-06-06T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2022:4918	2022-06-06T00:00:00Z
Red Hat Single Sign-On 7.6.1
	cpe:/a:redhat:red_hat_single_sign_on:7.6.1	RHSA-2022:7417	2022-11-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 7
rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el7sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el7	RHSA-2022:7409	2022-11-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 8
rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el8sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el8	RHSA-2022:7410	2022-11-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 9
rh-sso7-0:1-5.el9sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9	RHSA-2022:7411	2022-11-03T00:00:00Z
rh-sso7-javapackages-tools-0:6.0.0-7.el9sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9	RHSA-2022:7411	2022-11-03T00:00:00Z
rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el9sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9	RHSA-2022:7411	2022-11-03T00:00:00Z
RHPAM 7.13.1 async
artemis-commons	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13	RHSA-2022:6813	2022-10-05T00:00:00Z

Link	Providers
https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
https://nvd.nist.gov/vuln/detail/CVE-2022-23913
https://security.netapp.com/advisory/ntap-20220303-0003/
https://www.cve.org/CVERecord?id=CVE-2022-23913

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00178}`	epss `{'score': 0.00202}`

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7

Type	Values Removed	Values Added
First Time appeared		Redhat jboss Enterprise Application Platform Eus
CPEs		cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Vendors & Products		Redhat jboss Enterprise Application Platform Eus

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Apache ActiveMQ Artemis", "vendor": "Apache Software Foundation", "versions": [{"changes": [{"at": "2.19.1", "status": "unaffected"}], "lessThan": "2.20.0", "status": "affected", "version": "2.19.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-07T15:24:43.281Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220303-0003/"}], "source": {"advisory": "ARTEMIS-3593", "discovery": "UNKNOWN"}, "title": "Apache ActiveMQ Artemis DoS", "workarounds": [{"lang": "en", "value": "Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8)."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2022-23913", "STATE": "PUBLIC", "TITLE": "Apache ActiveMQ Artemis DoS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache ActiveMQ Artemis", "version": {"version_data": [{"version_affected": "<", "version_name": "2.19.0", "version_value": "2.20.0"}, {"version_affected": "<", "version_name": "2.19.0", "version_value": "2.19.1"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2", "refsource": "MISC", "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"}, {"name": "https://security.netapp.com/advisory/ntap-20220303-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220303-0003/"}]}, "source": {"advisory": "ARTEMIS-3593", "discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8)."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:59:22.547Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220303-0003/"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-23913", "datePublished": "2022-02-04T22:33:01", "dateReserved": "2022-01-24T00:00:00", "dateUpdated": "2024-08-03T03:59:22.547Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Apache ActiveMQ Artemis (string)

vendor : Apache Software Foundation (string)

versions : [ »

0 : { »

changes : [ »

0 : { »

at : 2.19.1 (string)

status : unaffected (string)

}

]

lessThan : 2.20.0 (string)

status : affected (string)

version : 2.19.0 (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-770 (string)

description : CWE-770 Allocation of Resources Without Limits or Throttling (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

orgId : f0158376-9dc2-43b6-827c-5f631a4d8d09 (string)

shortName : apache (string)

dateUpdated : 2023-07-07T15:24:43.281Z (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

}

]

source : { »

advisory : ARTEMIS-3593 (string)

discovery : UNKNOWN (string)

}

title : Apache ActiveMQ Artemis DoS (string)

workarounds : [ »

0 : { »

lang : en (string)

value : Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8). (string)

}

]

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@apache.org (string)

ID : CVE-2022-23913 (string)

STATE : PUBLIC (string)

TITLE : Apache ActiveMQ Artemis DoS (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Apache ActiveMQ Artemis (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_name : 2.19.0 (string)

version_value : 2.20.0 (string)

}

1 : { »

version_affected : < (string)

version_name : 2.19.0 (string)

version_value : 2.19.1 (string)

}

]

}

]

}

vendor_name : Apache Software Foundation (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. (string)

}

]

}

generator : { »

engine : Vulnogram 0.0.9 (string)

}

impact : [ »

0 : { *empty* }

]

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-770 Allocation of Resources Without Limits or Throttling (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

refsource : MISC (string)

url : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

}

1 : { »

name : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

refsource : CONFIRM (string)

url : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

}

]

}

source : { »

advisory : ARTEMIS-3593 (string)

discovery : UNKNOWN (string)

}

work_around : [ »

0 : { »

lang : en (string)

value : Upgrade to Apache ActiveMQ Artemis 2.20.0 or 2.19.1 (if you're still using Java 8). (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T03:59:22.547Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f0158376-9dc2-43b6-827c-5f631a4d8d09 (string)

assignerShortName : apache (string)

cveId : CVE-2022-23913 (string)

datePublished : 2022-02-04T22:33:01 (string)

dateReserved : 2022-01-24T00:00:00 (string)

dateUpdated : 2024-08-03T03:59:22.547Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:activemq_artemis:*:*:*:*:*:*:*:*", "matchCriteriaId": "18C0F17A-A27D-40E9-9ACE-5BD86A02BA54", "versionEndExcluding": "2.19.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory."}, {"lang": "es", "value": "En Apache ActiveMQ Artemis versiones anteriores a 2.20.0 o 2.19.1, un atacante podr\u00eda interrumpir parcialmente la disponibilidad (DoS) mediante el consumo no controlado de recursos de la memoria"}], "id": "CVE-2022-23913", "lastModified": "2024-11-21T06:49:27.153", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-04T23:15:15.827", "references": [{"source": "security@apache.org", "tags": ["Exploit", "Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220303-0003/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220303-0003/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security@apache.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:apache:activemq_artemis:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 18C0F17A-A27D-40E9-9ACE-5BD86A02BA54 (string)

versionEndExcluding : 2.19.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* (string)

matchCriteriaId : B55E8D50-99B4-47EC-86F9-699B67D473CE (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5735E553-9731-4AAC-BCFF-989377F817B3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. (string)

}

1 : { »

lang : es (string)

value : En Apache ActiveMQ Artemis versiones anteriores a 2.20.0 o 2.19.1, un atacante podría interrumpir parcialmente la disponibilidad (DoS) mediante el consumo no controlado de recursos de la memoria (string)

}

]

id : CVE-2022-23913 (string)

lastModified : 2024-11-21T06:49:27.153 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-02-04T23:15:15.827 (string)

references : [ »

0 : { »

source : security@apache.org (string)

tags : [ »

0 : Exploit (string)

1 : Issue Tracking (string)

2 : Mailing List (string)

3 : Third Party Advisory (string)

]

url : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

}

1 : { »

source : security@apache.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Issue Tracking (string)

2 : Mailing List (string)

3 : Third Party Advisory (string)

]

url : https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.netapp.com/advisory/ntap-20220303-0003/ (string)

}

]

sourceIdentifier : security@apache.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-770 (string)

}

]

source : security@apache.org (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-770 (string)

}

]

source : nvd@nist.gov (string)

type : Secondary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2022:5101", "cpe": "cpe:/a:redhat:amq_broker:7", "package": "artemis-commons", "product_name": "Red Hat AMQ 7.10.0", "release_date": "2022-06-16T00:00:00Z"}, {"advisory": "RHSA-2022:5532", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "artemis-commons", "product_name": "Red Hat Fuse 7.11", "release_date": "2022-07-07T00:00:00Z"}, {"advisory": "RHSA-2022:4922", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "artemis-commons", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2022-06-06T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-activemq-artemis-0:1.5.5.016-1.redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-artemis-native-1:1.5.5.016-1.redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-jboss-xnio-base-0:3.5.11-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-undertow-0:1.4.18-14.SP13_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-wildfly-0:7.1.10-2.GA_redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-woodstox-core-0:5.0.3-2.redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4226", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package": "eap7-xml-security-0:2.0.10-2.redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date": "2025-04-28T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2025:4437", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date": "2025-05-05T00:00:00Z"}, {"advisory": "RHSA-2022:4919", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2022-06-06T00:00:00Z"}, {"advisory": "RHSA-2022:4918", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2022-06-06T00:00:00Z"}, {"advisory": "RHSA-2022:7417", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6.1", "product_name": "Red Hat Single Sign-On 7.6.1", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:7409", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", "package": "rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el7sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 7", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:7410", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", "package": "rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el8sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 8", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:7411", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package": "rh-sso7-0:1-5.el9sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:7411", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package": "rh-sso7-javapackages-tools-0:6.0.0-7.el9sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:7411", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package": "rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el9sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date": "2022-11-03T00:00:00Z"}, {"advisory": "RHSA-2022:6813", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", "package": "artemis-commons", "product_name": "RHPAM 7.13.1 async", "release_date": "2022-10-05T00:00:00Z"}], "bugzilla": {"description": "artemis-commons: Apache ActiveMQ Artemis DoS", "id": "2063601", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400->CWE-770", "details": ["In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory."], "name": "CVE-2022-23913", "package_state": [{"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Affected", "package_name": "artemis-commons", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "artemis-commons", "product_name": "Red Hat JBoss Data Grid 7"}], "public_date": "2022-02-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-23913\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23913\nhttps://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"], "threat_severity": "Moderate"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2022:5101 (string)

cpe : cpe:/a:redhat:amq_broker:7 (string)

package : artemis-commons (string)

product_name : Red Hat AMQ 7.10.0 (string)

release_date : 2022-06-16T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2022:5532 (string)

cpe : cpe:/a:redhat:jboss_fuse:7 (string)

package : artemis-commons (string)

product_name : Red Hat Fuse 7.11 (string)

release_date : 2022-07-07T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2022:4922 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform:7.4 (string)

package : artemis-commons (string)

product_name : Red Hat JBoss Enterprise Application Platform 7 (string)

release_date : 2022-06-06T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-activemq-artemis-0:1.5.5.016-1.redhat_00001.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-artemis-native-1:1.5.5.016-1.redhat_00001.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

5 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-jboss-xnio-base-0:3.5.11-1.Final_redhat_00001.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

6 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-jsoup-0:1.14.2-1.redhat_00002.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

7 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-undertow-0:1.4.18-14.SP13_redhat_00001.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

8 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-wildfly-0:7.1.10-2.GA_redhat_00002.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

9 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-woodstox-core-0:5.0.3-2.redhat_00002.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

10 : { »

advisory : RHSA-2025:4226 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 (string)

package : eap7-xml-security-0:2.0.10-2.redhat_00002.1.ep7.el7 (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 (string)

release_date : 2025-04-28T00:00:00Z (string)

}

11 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

12 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

13 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

14 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

15 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

16 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

17 : { »

advisory : RHSA-2025:4437 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 (string)

package : eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 (string)

release_date : 2025-05-05T00:00:00Z (string)

}

18 : { »

advisory : RHSA-2022:4919 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 (string)

package : eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el8eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 (string)

release_date : 2022-06-06T00:00:00Z (string)

}

19 : { »

advisory : RHSA-2022:4918 (string)

cpe : cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 (string)

package : eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el7eap (string)

product_name : Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 (string)

release_date : 2022-06-06T00:00:00Z (string)

}

20 : { »

advisory : RHSA-2022:7417 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6.1 (string)

product_name : Red Hat Single Sign-On 7.6.1 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

21 : { »

advisory : RHSA-2022:7409 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 (string)

package : rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el7sso (string)

product_name : Red Hat Single Sign-On 7.6 for RHEL 7 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

22 : { »

advisory : RHSA-2022:7410 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 (string)

package : rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el8sso (string)

product_name : Red Hat Single Sign-On 7.6 for RHEL 8 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

23 : { »

advisory : RHSA-2022:7411 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 (string)

package : rh-sso7-0:1-5.el9sso (string)

product_name : Red Hat Single Sign-On 7.6 for RHEL 9 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

24 : { »

advisory : RHSA-2022:7411 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 (string)

package : rh-sso7-javapackages-tools-0:6.0.0-7.el9sso (string)

product_name : Red Hat Single Sign-On 7.6 for RHEL 9 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

25 : { »

advisory : RHSA-2022:7411 (string)

cpe : cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 (string)

package : rh-sso7-keycloak-0:18.0.3-1.redhat_00001.1.el9sso (string)

product_name : Red Hat Single Sign-On 7.6 for RHEL 9 (string)

release_date : 2022-11-03T00:00:00Z (string)

}

26 : { »

advisory : RHSA-2022:6813 (string)

cpe : cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13 (string)

package : artemis-commons (string)

product_name : RHPAM 7.13.1 async (string)

release_date : 2022-10-05T00:00:00Z (string)

}

]

bugzilla : { »

description : artemis-commons: Apache ActiveMQ Artemis DoS (string)

id : 2063601 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2063601 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 7.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

status : verified (string)

}

cwe : CWE-400->CWE-770 (string)

details : [ »

0 : In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. (string)

]

name : CVE-2022-23913 (string)

package_state : [ »

0 : { »

cpe : cpe:/a:redhat:integration:1 (string)

fix_state : Affected (string)

package_name : artemis-commons (string)

product_name : Red Hat Integration Camel K 1 (string)

}

1 : { »

cpe : cpe:/a:redhat:jboss_data_grid:7 (string)

fix_state : Out of support scope (string)

package_name : artemis-commons (string)

product_name : Red Hat JBoss Data Grid 7 (string)

}

]

public_date : 2022-02-04T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2022-23913 https://nvd.nist.gov/vuln/detail/CVE-2022-23913 https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2 (string)

]

threat_severity : Moderate (string)

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object