#VU444 Denial of service in Drupal - CVE-2014-9016
Published: September 14, 2016 / Updated: September 14, 2018
Vulnerability identifier: #VU444
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2014-9016
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Drupal
Drupal
Software vendor:
Drupal
Drupal
Description
The vulnerability allows a remote user to cause denial of service on the target system.
The weakness exists due to CPU and memory exhaustion. Specially crafted and sent by the attackers requests may lead to site unavailability.
Successful exploitation of this vulnerability may result in denial of service on the vulnerable system.
The weakness exists due to CPU and memory exhaustion. Specially crafted and sent by the attackers requests may lead to site unavailability.
Successful exploitation of this vulnerability may result in denial of service on the vulnerable system.