Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0251
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Kaspersky Anti Targeted Attack. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kaspersky Anti Targeted Attack versions 6.x ant\u00e9rieures \u00e0 6.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Kaspersky",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-24568",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24568"
},
{
"name": "CVE-2024-23836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23836"
},
{
"name": "CVE-2024-23837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23837"
},
{
"name": "CVE-2024-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23839"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0251",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Kaspersky Anti\nTargeted Attack. Elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Kaspersky Anti Targeted Attack",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Kaspersky du 26 mars 2024",
"url": "https://support.kaspersky.com/vulnerability/list-of-advisories/12430#260324"
}
]
}
CVE-2024-23837 (GCVE-0-2024-23837)
Vulnerability from cvelistv5 – Published: 2024-02-26 16:17 – Updated: 2025-11-03 18:08
VLAI?
EPSS
Summary
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T18:08:14.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m"
},
{
"name": "https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6444",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6444"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00009.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:oisf:libhtp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libhtp",
"vendor": "oisf",
"versions": [
{
"lessThan": "0.5.46",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "38"
}
]
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "39"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23837",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T14:54:41.216991Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T14:57:03.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libhtp",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003c 0.5.46"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T03:06:21.855Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m"
},
{
"name": "https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6444",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6444"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"source": {
"advisory": "GHSA-f9wf-rrjj-qx8m",
"discovery": "UNKNOWN"
},
"title": "LibHTP unbounded folded header handling leads to denial service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-23837",
"datePublished": "2024-02-26T16:17:24.372Z",
"dateReserved": "2024-01-22T22:23:54.340Z",
"dateUpdated": "2025-11-03T18:08:14.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23839 (GCVE-0-2024-23839)
Vulnerability from cvelistv5 – Published: 2024-02-26 15:48 – Updated: 2025-02-13 17:39
VLAI?
EPSS
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.request_header and http.response_header keywords.
Severity ?
7.1 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:08.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7"
},
{
"name": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6657",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6657"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "suricata",
"vendor": "oisf",
"versions": [
{
"lessThan": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23839",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T14:59:23.872531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T19:30:14.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.request_header and http.response_header keywords."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T02:14:08.189Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7"
},
{
"name": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6657",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6657"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"source": {
"advisory": "GHSA-qxj6-hr2p-mmc7",
"discovery": "UNKNOWN"
},
"title": "Suricata http: heap use after free with http.request_header and http.response_header keywords"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-23839",
"datePublished": "2024-02-26T15:48:16.120Z",
"dateReserved": "2024-01-22T22:23:54.342Z",
"dateUpdated": "2025-02-13T17:39:56.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-24568 (GCVE-0-2024-24568)
Vulnerability from cvelistv5 – Published: 2024-02-26 15:54 – Updated: 2025-02-13 17:40
VLAI?
EPSS
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.
Severity ?
5.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c"
},
{
"name": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6717",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6717"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "suricata",
"vendor": "oisf",
"versions": [
{
"lessThan": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "38"
}
]
},
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "39"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T20:18:31.069822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T14:36:16.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T02:13:12.995Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c"
},
{
"name": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6717",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6717"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"source": {
"advisory": "GHSA-gv29-5hqw-5h8c",
"discovery": "UNKNOWN"
},
"title": "Suricata http2: header handling evasion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24568",
"datePublished": "2024-02-26T15:54:52.314Z",
"dateReserved": "2024-01-25T15:09:40.210Z",
"dateUpdated": "2025-02-13T17:40:11.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23836 (GCVE-0-2024-23836)
Vulnerability from cvelistv5 – Published: 2024-02-26 15:44 – Updated: 2025-02-13 17:39
VLAI?
EPSS
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service. This vulnerability is patched in 6.0.16 or 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the `stream.reassembly.depth` value helps reduce the severity of the issue.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T14:33:18.701351Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:45:51.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:08.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc"
},
{
"name": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7"
},
{
"name": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747"
},
{
"name": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7"
},
{
"name": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc"
},
{
"name": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97"
},
{
"name": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8"
},
{
"name": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786"
},
{
"name": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5"
},
{
"name": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01"
},
{
"name": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6531",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6531"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6532",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6532"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6540",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6540"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6658",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6658"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6659",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6659"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6660",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6660"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003c 6.0.16"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service. This vulnerability is patched in 6.0.16 or 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the `stream.reassembly.depth` value helps reduce the severity of the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T02:13:53.157Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc"
},
{
"name": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7"
},
{
"name": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747"
},
{
"name": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7"
},
{
"name": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc"
},
{
"name": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97"
},
{
"name": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8"
},
{
"name": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786"
},
{
"name": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5"
},
{
"name": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01"
},
{
"name": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6531",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6531"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6532",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6532"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6540",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6540"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6658",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6658"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6659",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6659"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/6660",
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/6660"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/"
}
],
"source": {
"advisory": "GHSA-q33q-45cr-3cpc",
"discovery": "UNKNOWN"
},
"title": "crafted traffic can cause denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-23836",
"datePublished": "2024-02-26T15:44:03.308Z",
"dateReserved": "2024-01-22T22:23:54.340Z",
"dateUpdated": "2025-02-13T17:39:55.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…