sdk-server is vulnerable to denial of service. The vulnerability exists because the maximum number of monitored items per session does not properly configure in the getMaxMonitoredItems
function of OpcUaServerConfigLimits.java
, allowing an attacker to cause an application crash by sending multiple CloseSession
requests with the delete subscription parameter equal to false
CPE | Name | Operator | Version |
---|---|---|---|
sdk-server | le | 0.6.7 | |
sdk-server | le | 0.6.7 |