PT-2020-17185 · Systran · Systran Pure Neural Server

Published: 2020-12-08 · Updated: 2021-07-21 · CVE-2020-29540

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Systran Pure Neural Server versions prior to 9.7.0

Description

The issue allows a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large number of translation requests to a destination host on any given TCP port, regardless of whether a web service is running on the destination port. This is possible through API calls in the Translation API feature.

Recommendations

For versions prior to 9.7.0, update to version 9.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Translation API feature to minimize the risk of exploitation.


Related Identifiers

CVE-2020-29540

Affected Products

Systran Pure Neural Server