Vulnerability CVE-2020-7920


Published: 2020-02-06

Description:
pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Percona -> Monitoring and management 

 References:
https://jira.percona.com/browse/PMM-5232
https://jira.percona.com/browse/PMM-5233
https://www.percona.com/blog/2020/02/03/improvements-in-pmm-bug-fixes-in-percona-server-percona-backup-for-mongodb-alert-release-roundup-2-3-2020/
https://www.percona.com/doc/percona-monitoring-and-management/2.x/release-notes/2.2.1.html

Copyright 2024, cxsecurity.com

 

Back to Top