Denial of Service Vulnerability in RemoteMessageChannel

Denial of Service Vulnerability in RemoteMessageChannel

CVE-2018-1041 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.

Learn more about our Web Application Penetration Testing UK.