VYPR
Medium severity6.5NVD Advisory· Published Jul 24, 2020· Updated Jun 17, 2026

CVE-2020-14307

CVE-2020-14307

Description

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Red Hat/wildflyv5
    Range: jboss-ejb-client versions shipped with Red Hat JBoss EAP 7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.