Description

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.

Remediation

References

https://docs.google.com/presentation/d/1eZznIciFI06_5UJrXvlLugH2-nmjfYpQO5NyNMc9RxU/edit?usp=sharing

Related Vulnerabilities

CVE-2019-10795 Vulnerability in maven package org.webjars.npm:undefsafe

CVE-2022-35961 Vulnerability in npm package @openzeppelin/contracts-upgradeable

CVE-2017-16028 Vulnerability in npm package react-native-meteor-oauth

CVE-2022-29166 Vulnerability in npm package matrix-appservice-irc

CVE-2019-1003024 Vulnerability in maven package org.jenkins-ci.plugins:script-security

Severity

High

Classification

CWE-770 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Third Party Advisory