CVE-2020-4325
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596.
La API REST de Global Teams del IBM Process Federation Server versiones 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2 y 19.0.0.3, no cierra apropiadamente los grupos de subprocesos (hilos) que crea para recuperar la información de Global Teams desde los sistemas federados. Como consecuencia, la Java Virtual Machine no puede recuperar la memoria utilizada por esos grupos de subprocesos (hilos), lo que conlleva a una excepción OutOfMemory cuando la API REST de Global Teams del Process Federation Server es usado ampliamente. ID de IBM X-Force: 177596.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-30 CVE Reserved
- 2020-04-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-404: Improper Resource Shutdown or Release
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/177596 | 2021-07-21 | |
https://www.ibm.com/support/pages/node/6125403 | 2021-07-21 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ibm Search vendor "Ibm" | Cloud Pak For Automation Search vendor "Ibm" for product "Cloud Pak For Automation" | 19.0.3 Search vendor "Ibm" for product "Cloud Pak For Automation" and version "19.0.3" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Process Federation Server Search vendor "Ibm" for product "Process Federation Server" | >= 18.0.0.1 <= 19.0.0.3 Search vendor "Ibm" for product "Process Federation Server" and version " >= 18.0.0.1 <= 19.0.0.3" | - |
Affected
|