CVE-2020-14326

HIGH

Redhat Integration Camel K < 4.5.6 - Denial of Service

Title source: rule
STIX 2.1

Description

A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.

References (2)

Core 2
Core References
Issue Tracking, Vendor Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1855826
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210713-0001/

Scores

CVSS v3 7.5
EPSS 0.0038
EPSS Percentile 59.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (4)
netapp/oncommand_insight
org.jboss.resteasy/resteasy-bom 0 - 4.5.6.FinalMaven
redhat/integration_camel_k
redhat/resteasy 4.2.0 - 4.5.6
Published Jun 02, 2021
Tracked Since Feb 18, 2026