Home / Early Warning / Vulnerabilidades / CVE-2018-6389

CVE-2018-6389

Type: 
Uncontrolled Resource Consumption ('Resource Exhaustion')
Severity: 
Medium
Publication date: 
02/06/2018
Last modified: 
03/01/2019
Description
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: No impact on system integrity + No impact on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields