Vulnerability Description
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Activemq Artemis | < 2.19.1 |
| Netapp | Active Iq Unified Manager | - |
| Netapp | Oncommand Workflow Automation | - |
Related Weaknesses (CWE)
References
- https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2ExploitIssue TrackingMailing List
- https://security.netapp.com/advisory/ntap-20220303-0003/Third Party Advisory
- https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2ExploitIssue TrackingMailing List
- https://security.netapp.com/advisory/ntap-20220303-0003/Third Party Advisory
FAQ
What is CVE-2022-23913?
CVE-2022-23913 is a vulnerability with a CVSS score of 7.5 (HIGH). In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
How severe is CVE-2022-23913?
CVE-2022-23913 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-23913?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Activemq Artemis, Netapp Active Iq Unified Manager, Netapp Oncommand Workflow Automation.