Partial denial of service through Collections functionality

This DoS causes large amounts of IO and cache churn, meaning it can be used to DoS a site if accessed repeatedly

It is possible for an anonymous user to make requests to collections that are very expensive to render, making DoS easier.

Information for security researchers

CVE Identifier: CVE-2012-5498
Impact Subscore: 2.9
Exploitability Subscore: 10
Overall CVSS Score: 3.9
Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C)
CWE: CWE-749
Credit: Richard Mitchell (Plone security team)