CVE-2021-28165
Published Apr 1, 2021
Last updated a year ago
Overview
- Description
- In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
- Source
- emo@eclipse.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A69D5FF1-A151-4AF6-B5E6-35EB45DC1852",
"versionEndExcluding": "9.4.39",
"versionStartIncluding": "7.2.2"
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3008A0E3-FBFC-49AA-8867-16BD10B125DB",
"versionEndExcluding": "10.0.2",
"versionStartIncluding": "10.0.0"
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B8688FE-13CC-4598-913D-50EB38DDCBEC",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97994257-C9A4-4491-B362-E8B25B7187AB"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19EEAA04-A7BD-4FFF-8B0B-CEE5EC09F75C"
},
{
"criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891"
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F80CB000-C477-486C-838C-B2FE82647670",
"versionEndIncluding": "8.2.4.0",
"versionStartIncluding": "8.0.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "349C4D65-23E9-446A-8A36-94FF55686812",
"versionEndIncluding": "8.2.4.0",
"versionStartIncluding": "8.0.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5E43770-8F83-4077-9EB0-3BF4A19A2E75",
"versionEndExcluding": "21.3"
},
{
"criteria": "cpe:2.3:a:oracle:siebel_core_-_automation:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEAB4771-C33C-4151-AEAE-A6D2C892C3C8",
"versionEndIncluding": "21.9"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E071B1A-A339-4622-9150-59F62B151353",
"versionEndExcluding": "2.277.3"
},
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB777690-DCA0-4E68-B30E-E997A1281D4E",
"versionEndExcluding": "2.286"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C30E9A12-5B7B-42F6-B9D3-18DA133E5F4E",
"versionEndExcluding": "3.9.8"
},
{
"criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC05F69D-6C6B-472D-87B7-84231F14CA8B",
"versionEndExcluding": "3.0"
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D179365A-1E70-4B07-B882-FD082FE2AA58",
"versionEndExcluding": "11.70.1",
"versionStartIncluding": "11.0.0"
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage:*:*:*:*:*:vcenter:*:*",
"vulnerable": true,
"matchCriteriaId": "3930F108-9019-4B4A-8918-6CE9F58551D2",
"versionEndExcluding": "1.10"
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*",
"vulnerable": true,
"matchCriteriaId": "FCB4EAC3-3114-43DF-89DA-879C7C578FB4",
"versionEndExcluding": "5.1"
},
{
"criteria": "cpe:2.3:a:netapp:ontap_tools:*:*:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "E28AE83F-D666-4EDC-A276-F78F3A73D716",
"versionEndExcluding": "9.10"
},
{
"criteria": "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB15BCF1-1B1D-49D8-9B76-46DCB10044DB"
},
{
"criteria": "cpe:2.3:a:netapp:santricity_web_services_proxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A21FA571-8C10-4633-802D-6C20A8290145",
"versionEndExcluding": "5.1"
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04A544A2-C80D-488B-AC04-104F9FB3FA85",
"versionEndExcluding": "4.6"
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "20E0A1CE-7467-4EAC-877D-D6D473AE0AA2",
"versionEndExcluding": "9.10"
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BC51CBC-4973-4145-945C-56035034D772",
"versionEndExcluding": "9.10"
}
],
"operator": "OR"
}
]
}
]