{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T03:53:46.168","vulnerabilities":[{"cve":{"id":"CVE-2020-35510","sourceIdentifier":"secalert@redhat.com","published":"2021-06-02T14:15:09.393","lastModified":"2024-11-21T05:27:27.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redhat-00001. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability."},{"lang":"es","value":"Se ha encontrado un fallo en jboss-remoting en versiones anteriores a 5.0.20.SP1-redhat-00001. Un atacante malicioso podría causar que los hilos (subprocesos) se quedaran detenidos para siempre en el servidor EJB al escribir una secuencia de bytes correspondientes a los mensajes esperados de una petición de cliente EJB con éxito, pero omitiendo los mensajes ACK, o simplemente manipulando el código de jboss-remoting, borrando las líneas que envían el mensaje ACK del código del cliente EJB, resultando en una Denegación de Servicio. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss-remoting:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0.20","matchCriteriaId":"62C98CF3-35A8-42CA-974F-C6232DA0BD5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss-remoting:5.0.20:-:*:*:*:*:*:*","matchCriteriaId":"415F273E-9CBD-4266-8D2D-02C21A753C8A"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905796","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905796","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}