Attacker Value
Unknown
CVE-2011-4461
CVE-2011-4461
(Last updated October 04, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
5.3 Medium
Impact Score:
1.4
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
Low
General Information
Vendors
- mortbay,
- oracle
Products
- jetty,
- jetty 1.0,
- jetty 1.0.1,
- jetty 1.1,
- jetty 1.1.1,
- jetty 1.2.0,
- jetty 1.3.0,
- jetty 1.3.1,
- jetty 1.3.2,
- jetty 1.3.3,
- jetty 1.3.4,
- jetty 1.3.5,
- jetty 2.0,
- jetty 2.0.0,
- jetty 2.0.1,
- jetty 2.0.2,
- jetty 2.0.3,
- jetty 2.0.4,
- jetty 2.0.5,
- jetty 2.1.0,
- jetty 2.1.1,
- jetty 2.1.2,
- jetty 2.1.3,
- jetty 2.1.4,
- jetty 2.1.5,
- jetty 2.1.6,
- jetty 2.1.7,
- jetty 2.1.b0,
- jetty 2.1.b1,
- jetty 2.2,
- jetty 2.2.0,
- jetty 2.2.1,
- jetty 2.2.2,
- jetty 2.2.3,
- jetty 2.2.4,
- jetty 2.2.5,
- jetty 2.2.6,
- jetty 2.2.7,
- jetty 2.2.8,
- jetty 2.3.0,
- jetty 2.3.0a,
- jetty 2.3.1,
- jetty 2.3.2,
- jetty 2.3.3,
- jetty 2.3.4,
- jetty 2.3.5,
- jetty 2.4.0,
- jetty 2.4.1,
- jetty 2.4.2,
- jetty 2.4.3,
- jetty 2.4.4,
- jetty 2.4.5,
- jetty 2.4.6,
- jetty 2.4.7,
- jetty 2.4.8,
- jetty 2.4.9,
- jetty 3.0,
- jetty 3.0.0,
- jetty 3.0.1,
- jetty 3.0.2,
- jetty 3.0.3,
- jetty 3.0.4,
- jetty 3.0.5,
- jetty 3.0.6,
- jetty 3.0.a0,
- jetty 3.0.a1,
- jetty 3.0.a2,
- jetty 3.0.a3,
- jetty 3.0.a4,
- jetty 3.0.a5,
- jetty 3.0.a6,
- jetty 3.0.a7,
- jetty 3.0.a8,
- jetty 3.0.a9,
- jetty 3.0.a90,
- jetty 3.0.a91,
- jetty 3.0.a92,
- jetty 3.0.a93,
- jetty 3.0.a94,
- jetty 3.0.a95,
- jetty 3.0.a96,
- jetty 3.0.a97,
- jetty 3.0.a98,
- jetty 3.0.a99,
- jetty 3.0.b01,
- jetty 3.0.b02,
- jetty 3.0.b03,
- jetty 3.0.b04,
- jetty 3.0.b05,
- jetty 3.1,
- jetty 3.1.0,
- jetty 3.1.1,
- jetty 3.1.2,
- jetty 3.1.3,
- jetty 3.1.4,
- jetty 3.1.5,
- jetty 3.1.6,
- jetty 3.1.7,
- jetty 3.1.8,
- jetty 3.1.9,
- jetty 4.0,
- jetty 4.0.0,
- jetty 4.0.1,
- jetty 4.0.2,
- jetty 4.0.3,
- jetty 4.0.4,
- jetty 4.0.5,
- jetty 4.0.6,
- jetty 4.0.b0,
- jetty 4.0.b1,
- jetty 4.0.b2,
- jetty 4.0.d0,
- jetty 4.0.d1,
- jetty 4.0.d2,
- jetty 4.0.d3,
- jetty 4.0.d4,
- jetty 4.1.0,
- jetty 4.1.1,
- jetty 4.1.2,
- jetty 4.1.3,
- jetty 4.1.4,
- jetty 4.1.b0,
- jetty 4.1.b1,
- jetty 4.1.d0,
- jetty 4.1.d1,
- jetty 4.1.d2,
- jetty 4.2,
- jetty 4.2.0,
- jetty 4.2.1,
- jetty 4.2.10,
- jetty 4.2.11,
- jetty 4.2.12,
- jetty 4.2.14,
- jetty 4.2.15,
- jetty 4.2.16,
- jetty 4.2.17,
- jetty 4.2.18,
- jetty 4.2.19,
- jetty 4.2.2,
- jetty 4.2.20,
- jetty 4.2.21,
- jetty 4.2.22,
- jetty 4.2.23,
- jetty 4.2.24,
- jetty 4.2.25,
- jetty 4.2.26,
- jetty 4.2.27,
- jetty 4.2.3,
- jetty 4.2.4,
- jetty 4.2.5,
- jetty 4.2.6,
- jetty 4.2.7,
- jetty 4.2.8 01,
- jetty 4.2.9,
- jetty 5.0,
- jetty 5.0.0,
- jetty 5.1,
- jetty 5.1.0,
- jetty 5.1.1,
- jetty 5.1.10,
- jetty 5.1.11,
- jetty 5.1.12,
- jetty 5.1.13,
- jetty 5.1.14,
- jetty 5.1.2,
- jetty 5.1.3,
- jetty 5.1.4,
- jetty 5.1.5,
- jetty 5.1.6,
- jetty 5.1.7,
- jetty 5.1.8,
- jetty 5.1.9,
- jetty 6.0.0,
- jetty 6.0.1,
- jetty 6.0.2,
- jetty 6.1.0,
- jetty 6.1.1,
- jetty 6.1.10,
- jetty 6.1.11,
- jetty 6.1.12,
- jetty 6.1.14,
- jetty 6.1.15,
- jetty 6.1.16,
- jetty 6.1.19,
- jetty 6.1.2,
- jetty 6.1.20,
- jetty 6.1.21,
- jetty 6.1.3,
- jetty 6.1.4,
- jetty 6.1.5,
- jetty 6.1.6,
- jetty 6.1.7,
- jetty 6.1.8,
- jetty 6.1.9,
- jetty 7.0.0,
- sun storage common array manager 6.9.0
References
Advisory
