CVE-2020-6937

Published: May 29, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.

Affected (6)

Products: Mulesoft: Mule Runtime

Mulesoft

1 product

Mule Runtime

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Mulesoft Mule Runtime	From 3.8.0 to 3.8.7
Mulesoft Mule Runtime	From 3.9.0 to 3.9.4
Mulesoft Mule Runtime	From 4.0.0 to 4.3.0
Mulesoft Mule Runtime	From 3.8.0 to 3.8.7
Mulesoft Mule Runtime	From 3.9.0 to 3.9.4
Mulesoft Mule Runtime	From 4.0.0 to 4.3.0

References (2)

https://help.salesforce.com/articleView?id=000353701&language=en_US&type=1&mode=1

Source: security@salesforce.com

Vendor Advisory

https://help.salesforce.com/articleView?id=000353701&language=en_US&type=1&mode=1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.