Vulnerabilities > CVE-2021-3859 - Information Exposure Through Process Environment vulnerability in multiple products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

netapp

CWE-214

NVD

Published: 2022-08-26

Updated: 2022-12-13

Summary

A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Jboss Enterprise Application Platform 7.3 Redhat Jboss Enterprise Application Platform 7.4 Redhat Undertow - Redhat Undertow 1.0.0 Redhat Undertow 1.0.1 Redhat Undertow 1.0.2 Redhat Undertow 1.0.3 Redhat Undertow 1.0.4 Redhat Undertow 1.0.5 Redhat Undertow 1.0.6 Redhat Undertow 1.0.7 Redhat Undertow 1.0.8 Redhat Undertow 1.0.9 Redhat Undertow 1.0.10 Redhat Undertow 1.0.11 Redhat Undertow 1.0.12 Redhat Undertow 1.0.13 Redhat Undertow 1.0.14 Redhat Undertow 1.0.15 Redhat Undertow 1.0.16 Redhat Undertow 1.0.17 Redhat Undertow 1.0.18 Redhat Undertow 1.0.19 Redhat Undertow 1.1.0 Redhat Undertow 1.1.1 Redhat Undertow 1.1.2 Redhat Undertow 1.1.3 Redhat Undertow 1.1.4 Redhat Undertow 1.1.5 Redhat Undertow 1.1.6 Redhat Undertow 1.1.7 Redhat Undertow 1.1.8 Redhat Undertow 1.1.9 Redhat Undertow 1.2.0 Redhat Undertow 1.2.1 Redhat Undertow 1.2.2 Redhat Undertow 1.2.3 Redhat Undertow 1.2.4 Redhat Undertow 1.2.5 Redhat Undertow 1.2.6 Redhat Undertow 1.2.7 Redhat Undertow 1.2.8 Redhat Undertow 1.2.9 Redhat Undertow 1.2.10 Redhat Undertow 1.2.11 Redhat Undertow 1.2.12 Redhat Undertow 1.3.0 Redhat Undertow 1.3.1 Redhat Undertow 1.3.2 Redhat Undertow 1.3.3 Redhat Undertow 1.3.4 Redhat Undertow 1.3.5 Redhat Undertow 1.3.6 Redhat Undertow 1.3.7 Redhat Undertow 1.3.8 Redhat Undertow 1.3.9 Redhat Undertow 1.3.10 Redhat Undertow 1.3.11 Redhat Undertow 1.3.12 Redhat Undertow 1.3.13 Redhat Undertow 1.3.14 Redhat Undertow 1.3.15 Redhat Undertow 1.3.16 Redhat Undertow 1.3.17 Redhat Undertow 1.3.18 Redhat Undertow 1.3.19 Redhat Undertow 1.3.20 Redhat Undertow 1.3.21 Redhat Undertow 1.3.22 Redhat Undertow 1.3.23 Redhat Undertow 1.3.24 Redhat Undertow 1.3.25 Redhat Undertow 1.3.26 Redhat Undertow 1.3.27 Redhat Undertow 1.3.28 Redhat Undertow 1.3.29 Redhat Undertow 1.3.30 Redhat Undertow 1.3.31 Redhat Undertow 1.3.32 Redhat Undertow 1.3.33 Redhat Undertow 1.4.0 Redhat Undertow 1.4.1 Redhat Undertow 1.4.2 Redhat Undertow 1.4.3 Redhat Undertow 1.4.4 Redhat Undertow 1.4.5 Redhat Undertow 1.4.6 Redhat Undertow 1.4.7 Redhat Undertow 1.4.8 Redhat Undertow 1.4.10 Redhat Undertow 1.4.11 Redhat Undertow 1.4.12 Redhat Undertow 1.4.13 Redhat Undertow 1.4.14 Redhat Undertow 1.4.15 Redhat Undertow 1.4.16 Redhat Undertow 1.4.17 Redhat Undertow 1.4.18 Redhat Undertow 1.4.19 Redhat Undertow 1.4.20 Redhat Undertow 1.4.21 Redhat Undertow 1.4.22 Redhat Undertow 1.4.23 Redhat Undertow 1.4.24 Redhat Undertow 1.4.25 Redhat Undertow 1.4.26 Redhat Undertow 1.4.27 Redhat Undertow 1.4.28 Redhat Undertow 2.0.0 Redhat Undertow 2.0.1 Redhat Undertow 2.0.2 Redhat Undertow 2.0.3 Redhat Undertow 2.0.4 Redhat Undertow 2.0.5 Redhat Undertow 2.0.6 Redhat Undertow 2.0.7 Redhat Undertow 2.0.8 Redhat Undertow 2.0.9 Redhat Undertow 2.0.10 Redhat Undertow 2.0.11 Redhat Undertow 2.0.12 Redhat Undertow 2.0.13 Redhat Undertow 2.0.14 Redhat Undertow 2.0.15 Redhat Undertow 2.0.16 Redhat Undertow 2.0.17 Redhat Undertow 2.0.18 Redhat Undertow 2.0.19 Redhat Undertow 2.0.20 Redhat Undertow 2.0.21 Redhat Undertow 2.0.22 Redhat Undertow 2.0.23 Redhat Undertow 2.0.24 Redhat Undertow 2.0.25 Redhat Undertow 2.0.26 Redhat Undertow 2.0.27 Redhat Undertow 2.0.28 Redhat Undertow 2.0.29 Redhat Undertow 2.0.30 Redhat Undertow 2.0.31 Redhat Undertow 2.0.32 Redhat Undertow 2.0.33 Redhat Undertow 2.0.34 Redhat Undertow 2.0.35 Redhat Undertow 2.0.36 Redhat Undertow 2.0.39 Redhat Undertow 2.1.0 Redhat Undertow 2.1.1 Redhat Undertow 2.1.2 Redhat Undertow 2.1.3 Redhat Undertow 2.1.4 Redhat Undertow 2.1.5 Redhat Undertow 2.1.6 Redhat Undertow 2.1.7 Redhat Undertow 2.2.0 Redhat Undertow 2.2.1 Redhat Undertow 2.2.2 Redhat Undertow 2.2.3 Redhat Undertow 2.2.4 Redhat Undertow 2.2.5 Redhat Undertow 2.2.6 Redhat Undertow 2.2.7 Redhat Undertow 2.2.9 Redhat Undertow 2.2.10 Redhat Undertow 2.2.11 Redhat Undertow 2.2.12 Redhat Undertow 2.2.13 Redhat Undertow 2.2.14 Redhat Single Sign ON 7.5.1 Redhat Single Sign ON 7.4.10	283
Application	Netapp Netapp Oncommand Workflow Automation - Netapp Oncommand Insight - Netapp Cloud Secure Agent -	3

Common Weakness Enumeration (CWE)

CWE-214 - Information Exposure Through Process Environment

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References