← Back

CVE-2020-8123

nvd nist
Published: Feb 4, 2020Modified: Nov 21, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbitrary restart of the application.

Affected (98)

Products: Strapi: Strapi
Strapi
1 product
Strapi
Configuration A
98 vulnerable
Vulnerable SoftwareAffected Versions
Strapi
Strapi
Before 3.0.0
Strapi
Version 3.0.0 alpha10.1
Strapi
Version 3.0.0 alpha10.2
Strapi
Version 3.0.0 alpha10.3
Strapi
Version 3.0.0 alpha11.1
Strapi
Version 3.0.0 alpha11.2
Strapi
Version 3.0.0 alpha11.3
Strapi
Version 3.0.0 alpha11
Strapi
Version 3.0.0 alpha12.1.3
Strapi
Version 3.0.0 alpha12.1
Strapi
Version 3.0.0 alpha12.2
Strapi
Version 3.0.0 alpha12.3
Strapi
Version 3.0.0 alpha12.4
Strapi
Version 3.0.0 alpha12.5
Strapi
Version 3.0.0 alpha12.6
Strapi
Version 3.0.0 alpha12.7.1
Strapi
Version 3.0.0 alpha12.7
Strapi
Version 3.0.0 alpha12
Strapi
Version 3.0.0 alpha13.0.1
Strapi
Version 3.0.0 alpha13.1
Strapi
Version 3.0.0 alpha13
Strapi
Version 3.0.0 alpha14.1.1
Strapi
Version 3.0.0 alpha14.1
Strapi
Version 3.0.0 alpha14.2
Strapi
Version 3.0.0 alpha14.3
Strapi
Version 3.0.0 alpha14.4.0
Strapi
Version 3.0.0 alpha14.5
Strapi
Version 3.0.0 alpha14
Strapi
Version 3.0.0 alpha15
Strapi
Version 3.0.0 alpha16
Strapi
Version 3.0.0 alpha17
Strapi
Version 3.0.0 alpha18
Strapi
Version 3.0.0 alpha19
Strapi
Version 3.0.0 alpha20
Strapi
Version 3.0.0 alpha21
Strapi
Version 3.0.0 alpha22
Strapi
Version 3.0.0 alpha23.1
Strapi
Version 3.0.0 alpha23
Strapi
Version 3.0.0 alpha24.1
Strapi
Version 3.0.0 alpha24
Strapi
Version 3.0.0 alpha25.1
Strapi
Version 3.0.0 alpha25.2
Strapi
Version 3.0.0 alpha25
Strapi
Version 3.0.0 alpha26.1
Strapi
Version 3.0.0 alpha26.2
Strapi
Version 3.0.0 alpha26
Strapi
Version 3.0.0 alpha4.8
Strapi
Version 3.0.0 alpha4
Strapi
Version 3.0.0 alpha5.3
Strapi
Version 3.0.0 alpha5.5
Strapi
Version 3.0.0 alpha6.3
Strapi
Version 3.0.0 alpha6.4
Strapi
Version 3.0.0 alpha6.7
Strapi
Version 3.0.0 alpha7.2
Strapi
Version 3.0.0 alpha7.3
Strapi
Version 3.0.0 alpha8.3
Strapi
Version 3.0.0 alpha8
Strapi
Version 3.0.0 alpha9.1
Strapi
Version 3.0.0 alpha9.2
Strapi
Version 3.0.0 alpha9
Strapi
Version 3.0.0 beta0
Strapi
Version 3.0.0 beta10
Strapi
Version 3.0.0 beta11
Strapi
Version 3.0.0 beta12
Strapi
Version 3.0.0 beta13
Strapi
Version 3.0.0 beta14
Strapi
Version 3.0.0 beta15
Strapi
Version 3.0.0 beta16.1
Strapi
Version 3.0.0 beta16.2
Strapi
Version 3.0.0 beta16.3
Strapi
Version 3.0.0 beta16.4
Strapi
Version 3.0.0 beta16.5
Strapi
Version 3.0.0 beta16.6
Strapi
Version 3.0.0 beta16.7
Strapi
Version 3.0.0 beta16.8
Strapi
Version 3.0.0 beta16
Strapi
Version 3.0.0 beta17.1
Strapi
Version 3.0.0 beta17.2
Strapi
Version 3.0.0 beta17.3
Strapi
Version 3.0.0 beta17.4
Strapi
Version 3.0.0 beta17.5
Strapi
Version 3.0.0 beta17.6
Strapi
Version 3.0.0 beta17.7
Strapi
Version 3.0.0 beta17.8
Strapi
Version 3.0.0 beta17
Strapi
Version 3.0.0 beta18.1
Strapi
Version 3.0.0 beta18.2
Strapi
Version 3.0.0 beta18.3
Strapi
Version 3.0.0 beta18
Strapi
Version 3.0.0 beta1
Strapi
Version 3.0.0 beta2
Strapi
Version 3.0.0 beta3
Strapi
Version 3.0.0 beta4
Strapi
Version 3.0.0 beta5
Strapi
Version 3.0.0 beta6
Strapi
Version 3.0.0 beta7
Strapi
Version 3.0.0 beta8
Strapi
Version 3.0.0 beta9

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

Source: support@hackerone.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.