
Vulnerability Details: CVE-2022-37034

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.7%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2022-37034
  • Dotcms » Dotcms » Version: 22.03
    cpe:2.3:a:dotcms:dotcms:22.03
  • Dotcms » Dotcms » Version: 22.03.2
    cpe:2.3:a:dotcms:dotcms:22.03.2
  • Dotcms » Dotcms » Version: 22.08
    cpe:2.3:a:dotcms:dotcms:22.08
  • Dotcms » Dotcms » Version: 5.2.0
    cpe:2.3:a:dotcms:dotcms:5.2.0
  • Dotcms » Dotcms » Version: 5.2.8.1
    cpe:2.3:a:dotcms:dotcms:5.2.8.1
  • Dotcms » Dotcms » Version: 5.2.8.2
    cpe:2.3:a:dotcms:dotcms:5.2.8.2
  • Dotcms » Dotcms » Version: 5.2.8.3
    cpe:2.3:a:dotcms:dotcms:5.2.8.3
  • Dotcms » Dotcms » Version: 5.3.8.13
    cpe:2.3:a:dotcms:dotcms:5.3.8.13
  • Dotcms » Dotcms » Version: 5.3.8.14
    cpe:2.3:a:dotcms:dotcms:5.3.8.14
  • Dotcms » Dotcms » Version: 5.3.8.3
    cpe:2.3:a:dotcms:dotcms:5.3.8.3
  • Dotcms » Dotcms » Version: 5.3.8.7
    cpe:2.3:a:dotcms:dotcms:5.3.8.7
  • Dotcms » Dotcms » Version: 5.3.8.8
    cpe:2.3:a:dotcms:dotcms:5.3.8.8

