Common Weakness Enumeration

CWE-400

Discouraged

Uncontrolled Resource Consumption

Abstraction: Class · Status: Draft

The product does not properly control the allocation and maintenance of a limited resource.

5433 vulnerabilities reference this CWE, most recent first.

GHSA-PJ65-M939-VPP3

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48
VLAI
Details

OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service (connectivity outage) via crafted tcp/20499 packets to the CTRL Ethernet port.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-20T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "OMICRON StationGuard before 1.10 allows remote attackers to cause a denial of service (connectivity outage) via crafted tcp/20499 packets to the CTRL Ethernet port.",
  "id": "GHSA-pj65-m939-vpp3",
  "modified": "2022-05-24T17:48:01Z",
  "published": "2022-05-24T17:48:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30464"
    },
    {
      "type": "WEB",
      "url": "https://www.omicronenergy.com/download/file/e81f23250097e7d5e1071dfbdb7f16d2"
    },
    {
      "type": "WEB",
      "url": "https://www.omicronenergy.com/en/support/product-security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-PJFV-46PV-9Q9C

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-08-13 00:00
VLAI
Details

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). Affected devices write crashdumps without checking if enough space is available on the filesystem. Once the crashdump fills the entire root filesystem, affected devices fail to boot successfully. An attacker can leverage this vulnerability to cause a permanent Denial-of-Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-41546"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-770"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-12T10:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1400 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1500 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1501 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1510 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1511 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1512 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1524 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX1536 (All versions \u003c V2.14.1), RUGGEDCOM ROX RX5000 (All versions \u003c V2.14.1). Affected devices write crashdumps without checking if enough space is available on the filesystem. Once the crashdump fills the entire root filesystem, affected devices fail to boot successfully. An attacker can leverage this vulnerability to cause a permanent Denial-of-Service.",
  "id": "GHSA-pjfv-46pv-9q9c",
  "modified": "2022-08-13T00:00:37Z",
  "published": "2022-05-24T19:17:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41546"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-173565.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJMX-9XR3-82QR

Vulnerability from github – Published: 2018-07-24 19:59 – Updated: 2023-09-06 20:07
VLAI
Summary
ReDoS via long UserAgent header in useragent
Details

Affected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed.

Proof of Concept

var useragent = require('useragent');

var badUserAgent = 'MSIE 0.0'+Array(900000).join('0')+'XBLWP';
var request = 'GET / HTTP/1.1\r\nUser-Agent: ' + badUserAgent + '\r\n\r\n';
console.log(useragent.parse(request));

Recommendation

Update to version 2.1.13 or later.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.1.12"
      },
      "package": {
        "ecosystem": "npm",
        "name": "useragent"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-16030"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:49:26Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "Affected versions of `useragent` are vulnerable to regular expression denial of service when an arbitrarily long `User-Agent` header is parsed.\n\n\n## Proof of Concept\n```js\nvar useragent = require(\u0027useragent\u0027);\n\nvar badUserAgent = \u0027MSIE 0.0\u0027+Array(900000).join(\u00270\u0027)+\u0027XBLWP\u0027;\nvar request = \u0027GET / HTTP/1.1\\r\\nUser-Agent: \u0027 + badUserAgent + \u0027\\r\\n\\r\\n\u0027;\nconsole.log(useragent.parse(request));\n```\n\n\n## Recommendation\n\nUpdate to version 2.1.13 or later.",
  "id": "GHSA-pjmx-9xr3-82qr",
  "modified": "2023-09-06T20:07:59Z",
  "published": "2018-07-24T19:59:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16030"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-pjmx-9xr3-82qr"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/312"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "ReDoS via long UserAgent header in useragent"
}

GHSA-PJRJ-H4FG-6GM4

Vulnerability from github – Published: 2023-12-05 23:42 – Updated: 2023-12-05 23:42
VLAI
Summary
tokio-boring vulnerable to resource exhaustion via memory leak
Details

Impact

The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. The set_ex_data function used by the library did not deallocate memory used by pre-existing data in memory each time after completing a TLS connection causing the program to consume more resources with each new connection.

Patches

The issue is fixed in version 4.1.0 of tokio-boring.

References

CVE-2023-6180 at cve.org

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "tokio-boring"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.0.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2023-6180"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-401",
      "CWE-404"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-05T23:42:49Z",
    "nvd_published_at": "2023-12-05T15:15:08Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. The `set_ex_data` function used by the library did not deallocate memory used by pre-existing data in memory each time after completing a TLS connection causing the program to consume more resources with each new connection.\n\n### Patches\nThe issue is fixed in version 4.1.0 of tokio-boring.\n\n### References\n[CVE-2023-6180 at cve.org](https://www.cve.org/CVERecord?id=CVE-2023-6180)\n",
  "id": "GHSA-pjrj-h4fg-6gm4",
  "modified": "2023-12-05T23:42:49Z",
  "published": "2023-12-05T23:42:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/cloudflare/boring/security/advisories/GHSA-pjrj-h4fg-6gm4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6180"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cloudflare/boring/commit/a32783374f2682e6949fdb713910b1b9f103d3ed"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/cloudflare/boring"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "tokio-boring vulnerable to resource exhaustion via memory leak"
}

GHSA-PJX6-JJ7C-74M7

Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2022-08-11 00:00
VLAI
Details

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions), SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions), Soft Starter ES (All versions). Sending multiple specially crafted packets to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-7587"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-14T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions), SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES (All versions), Soft Starter ES (All versions). Sending multiple specially crafted packets to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.",
  "id": "GHSA-pjx6-jj7c-74m7",
  "modified": "2022-08-11T00:00:20Z",
  "published": "2022-05-24T17:22:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7587"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJXW-22XF-6PWC

Vulnerability from github – Published: 2019-02-07 18:16 – Updated: 2023-09-12 21:05
VLAI
Summary
Prototype Pollution in defaults-deep
Details

All versions of defaults-deep are vulnerable to prototype pollution. Provided certain input defaults-deep can add or modify properties of the Object prototype. These properties will be present on all objects.

Recommendation

As no patch is currently available for this vulnerability it is our recommendation to select another module that can provide this functionality.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "defaults-deep"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.2.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-16486"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-345",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:49:31Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "All versions of `defaults-deep` are vulnerable to prototype pollution. Provided certain input `defaults-deep` can add or modify properties of the `Object` prototype. These properties will be present on all objects.\n\n\n## Recommendation\n\nAs no patch is currently available for this vulnerability it is our recommendation to select another module that can provide this functionality.",
  "id": "GHSA-pjxw-22xf-6pwc",
  "modified": "2023-09-12T21:05:03Z",
  "published": "2019-02-07T18:16:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16486"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/380878"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-pjxw-22xf-6pwc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jonschlinkert/defaults-deep"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/778"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype Pollution in defaults-deep"
}

GHSA-PM38-P7H6-V3QF

Vulnerability from github – Published: 2022-05-24 17:21 – Updated: 2022-05-24 17:21
VLAI
Details

An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-20845"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-19T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.",
  "id": "GHSA-pm38-p7h6-v3qf",
  "modified": "2022-05-24T17:21:10Z",
  "published": "2022-05-24T17:21:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20845"
    },
    {
      "type": "WEB",
      "url": "https://mattermost.com/security-updates"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-PM9P-9926-W68M

Vulnerability from github – Published: 2017-12-28 22:52 – Updated: 2021-09-16 18:15
VLAI
Summary
Denial of Service in ecstatic
Details

ecstatic, a simple static file server middleware, is vulnerable to denial of service. If a payload with a large number of null bytes (%00) is provided by an attacker it can crash ecstatic by running it out of memory.

Results from the original advisory

A payload of 22kB caused a lag of 1 second,
A payload of 35kB caused a lag of 3 seconds,
A payload of 86kB caused the server to crash

Recommendation

Update to version 2.0.0 or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ecstatic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2016-10703"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:49:34Z",
    "nvd_published_at": "2017-12-14T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "`ecstatic`, a simple static file server middleware, is vulnerable to denial of service. If a payload with a large number of null bytes (`%00`) is provided by an attacker it can crash ecstatic by running it out of memory.\n\n\n[Results from the original advisory](https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/)\n\n```\nA payload of 22kB caused a lag of 1 second,\nA payload of 35kB caused a lag of 3 seconds,\nA payload of 86kB caused the server to crash\n```\n\n\n## Recommendation\n\nUpdate to version 2.0.0 or later.",
  "id": "GHSA-pm9p-9926-w68m",
  "modified": "2021-09-16T18:15:09Z",
  "published": "2017-12-28T22:52:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10703"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01#diff-b2b5a88fb51675f1aa1065c093dce1ee"
    },
    {
      "type": "WEB",
      "url": "https://advisory.checkmarx.net/advisory/CX-2016-4450"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-pm9p-9926-w68m"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jfhbrook/node-ecstatic"
    },
    {
      "type": "WEB",
      "url": "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/553"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of Service in ecstatic"
}

GHSA-PMG9-P9R2-6Q87

Vulnerability from github – Published: 2018-07-24 19:46 – Updated: 2021-01-08 18:20
VLAI
Summary
ReDoS via long UserAgent header in ua-parser
Details

Affected versions of ua-parser are vulnerable to regular expression denial of service when given a specially crafted User-Agent header.

Recommendation

No patch is currently available for this vulnerability.

The best mitigation is currently to avoid using this package, using a different, functionally equivalent package such as useragent.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ua-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.3.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-16086"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:49:36Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "Affected versions of `ua-parser` are vulnerable to regular expression denial of service when given a specially crafted `User-Agent` header.\n\n\n## Recommendation\n\nNo patch is currently available for this vulnerability.\n\nThe best mitigation is currently to avoid using this package, using a different, functionally equivalent package such as [useragent](https://www.npmjs.com/package/useragent).",
  "id": "GHSA-pmg9-p9r2-6q87",
  "modified": "2021-01-08T18:20:33Z",
  "published": "2018-07-24T19:46:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16086"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-pmg9-p9r2-6q87"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/316"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "ReDoS via long UserAgent header in ua-parser"
}

GHSA-PMH6-CQ54-943M

Vulnerability from github – Published: 2023-01-05 03:30 – Updated: 2025-04-07 21:31
VLAI
Details

WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-05T02:15:00Z",
    "severity": "HIGH"
  },
  "details": "WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes \"the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner,\" but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits.",
  "id": "GHSA-pmh6-cq54-943m",
  "modified": "2025-04-07T21:31:37Z",
  "published": "2023-01-05T03:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22622"
    },
    {
      "type": "WEB",
      "url": "https://developer.wordpress.org/plugins/cron"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WordPress/WordPress/blob/dca7b5204b5fea54e6d1774689777b359a9222ab/wp-cron.php#L5-L8"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40thecpanelguy/the-nightmare-that-is-wpcron-php-ae31c1d3ae30"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@thecpanelguy/the-nightmare-that-is-wpcron-php-ae31c1d3ae30"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/articles/solving-unpredictable-wp-cron-problems-addressing-cve-2023-22622"
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/about/security"
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/support/article/how-to-install-wordpress"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/plugins/was/113449"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.

Mitigation
Architecture and Design
  • Mitigation of resource exhaustion attacks requires that the target system either:
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
  • recognizes the attack and denies that user further access for a given amount of time, or
  • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Architecture and Design

Ensure that protocols have specific limits of scale placed on them.

Mitigation
Implementation

Ensure that all failures in resource allocation place the system into a safe posture.

CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.