What is the severity of CVE-2020-14297?

CVE-2020-14297 has been classified as a high-severity vulnerability due to its potential for causing denial of service by accumulating specific EJB transaction objects.

How do I fix CVE-2020-14297?

To fix CVE-2020-14297, you should update affected packages to the remedied versions outlined in the Red Hat advisory and ensure the systems are running the latest recommended version.

What systems are affected by CVE-2020-14297?

CVE-2020-14297 affects Red Hat JBoss EAP 7 and related packages including the JBoss EJB Client.

Can CVE-2020-14297 be exploited remotely?

Yes, an attacker can remotely exploit CVE-2020-14297 to induce denial of service conditions on the affected systems.

What are the potential impacts of CVE-2020-14297?

The exploit of CVE-2020-14297 can lead to application performance degradation, causing the services to slow down and potentially become unavailable.

Vulnerability/
CVE-2020-14297

medium

6.5

CWE

400

3/7/2020

23/7/2020

24/7/2020

24/5/2022

15/10/2024

CVE-2020-14297

First published: Fri Jul 03 2020(Updated: )

A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.

Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2020-14297?
CVE-2020-14297 has been classified as a high-severity vulnerability due to its potential for causing denial of service by accumulating specific EJB transaction objects.
How do I fix CVE-2020-14297?
To fix CVE-2020-14297, you should update affected packages to the remedied versions outlined in the Red Hat advisory and ensure the systems are running the latest recommended version.
What systems are affected by CVE-2020-14297?
CVE-2020-14297 affects Red Hat JBoss EAP 7 and related packages including the JBoss EJB Client.
Can CVE-2020-14297 be exploited remotely?
Yes, an attacker can remotely exploit CVE-2020-14297 to induce denial of service conditions on the affected systems.
What are the potential impacts of CVE-2020-14297?
The exploit of CVE-2020-14297 can lead to application performance degradation, causing the services to slow down and potentially become unavailable.

collector/github-advisory-latest
alias/GHSA-qcch-9268-59jw
alias/CVE-2020-14297
collector/github-advisory
collector/redhat-cve
agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
agent/weakness
agent/references
agent/author
agent/severity
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-cve
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
source/NVD
agent/software-canonical-lookup
package-manager/maven
package-manager/redhat
vendor/redhat
canonical/red hat amq
version/red hat amq/2.0
canonical/red hat jboss enterprise application platform continuous delivery
canonical/red hat jboss fuse
version/red hat jboss fuse/6.0.0
canonical/red hat openshift application runtimes
canonical/red hat single sign-on
version/red hat single sign-on/7.0
canonical/red hat jboss ejb client
version/red hat jboss ejb client/1.0.0