cve-2024-37151
Vulnerability from cvelistv5
Published
2024-07-11 14:39
Modified
2024-08-02 03:50
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.
References
security-advisories@github.comhttps://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0Patch
security-advisories@github.comhttps://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6bPatch
security-advisories@github.comhttps://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24Vendor Advisory
security-advisories@github.comhttps://redmine.openinfosecfoundation.org/issues/7041Issue Tracking
security-advisories@github.comhttps://redmine.openinfosecfoundation.org/issues/7042Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6bPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://redmine.openinfosecfoundation.org/issues/7041Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://redmine.openinfosecfoundation.org/issues/7042Issue Tracking
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "suricata",
            "vendor": "oisf",
            "versions": [
              {
                "lessThan": "6.0.20",
                "status": "affected",
                "version": "6.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oisf:suricata:7.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "suricata",
            "vendor": "oisf",
            "versions": [
              {
                "lessThan": "7.0.6",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37151",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T15:59:30.704290Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T15:51:20.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:50:54.763Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"
          },
          {
            "name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"
          },
          {
            "name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"
          },
          {
            "name": "https://redmine.openinfosecfoundation.org/issues/7041",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://redmine.openinfosecfoundation.org/issues/7041"
          },
          {
            "name": "https://redmine.openinfosecfoundation.org/issues/7042",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://redmine.openinfosecfoundation.org/issues/7042"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "suricata",
          "vendor": "OISF",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 6.0.20"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0,\u003c 7.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-11T14:39:32.766Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"
        },
        {
          "name": "https://redmine.openinfosecfoundation.org/issues/7041",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://redmine.openinfosecfoundation.org/issues/7041"
        },
        {
          "name": "https://redmine.openinfosecfoundation.org/issues/7042",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://redmine.openinfosecfoundation.org/issues/7042"
        }
      ],
      "source": {
        "advisory": "GHSA-qrp7-g66m-px24",
        "discovery": "UNKNOWN"
      },
      "title": "Suricata defrag: IP ID reuse can lead to policy bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-37151",
    "datePublished": "2024-07-11T14:39:32.766Z",
    "dateReserved": "2024-06-03T17:29:38.328Z",
    "dateUpdated": "2024-08-02T03:50:54.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.0.20\", \"matchCriteriaId\": \"C796A1DA-B8E9-45E4-BBCF-7673AB7DDC99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.0.6\", \"matchCriteriaId\": \"108D4F28-A795-4119-A750-9108C85201DC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \\nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.\"}, {\"lang\": \"es\", \"value\": \"Suricata es un sistema de detecci\\u00f3n de intrusiones en la red, un sistema de prevenci\\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. El mal manejo de varios paquetes fragmentados que utilizan el mismo valor de ID de IP puede provocar un error en el reensamblaje del paquete, lo que puede provocar una omisi\\u00f3n de pol\\u00edticas. Actualice a 7.0.6 o 6.0.20. Cuando utilice af-packet, habilite `defrag` para reducir el alcance del problema.\"}]",
      "id": "CVE-2024-37151",
      "lastModified": "2024-11-21T09:23:18.420",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
      "published": "2024-07-11T15:15:11.847",
      "references": "[{\"url\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-37151\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-07-11T15:15:11.847\",\"lastModified\":\"2024-11-21T09:23:18.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \\nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.\"},{\"lang\":\"es\",\"value\":\"Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. El mal manejo de varios paquetes fragmentados que utilizan el mismo valor de ID de IP puede provocar un error en el reensamblaje del paquete, lo que puede provocar una omisi\u00f3n de pol\u00edticas. Actualice a 7.0.6 o 6.0.20. Cuando utilice af-packet, habilite `defrag` para reducir el alcance del problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.20\",\"matchCriteriaId\":\"C796A1DA-B8E9-45E4-BBCF-7673AB7DDC99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.6\",\"matchCriteriaId\":\"108D4F28-A795-4119-A750-9108C85201DC\"}]}]}],\"references\":[{\"url\":\"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://redmine.openinfosecfoundation.org/issues/7041\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://redmine.openinfosecfoundation.org/issues/7042\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://redmine.openinfosecfoundation.org/issues/7041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://redmine.openinfosecfoundation.org/issues/7042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"name\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"name\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"name\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"name\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"name\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T03:50:54.763Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-37151\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-11T15:59:30.704290Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*\"], \"vendor\": \"oisf\", \"product\": \"suricata\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.0\", \"lessThan\": \"6.0.20\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oisf:suricata:7.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"oisf\", \"product\": \"suricata\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.0\", \"lessThan\": \"7.0.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-11T16:04:03.011Z\"}}], \"cna\": {\"title\": \"Suricata defrag: IP ID reuse can lead to policy bypass\", \"source\": {\"advisory\": \"GHSA-qrp7-g66m-px24\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"OISF\", \"product\": \"suricata\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 6.0.0, \u003c 6.0.20\"}, {\"status\": \"affected\", \"version\": \"\u003e= 7.0.0,\u003c 7.0.6\"}]}], \"references\": [{\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"name\": \"https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"name\": \"https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"name\": \"https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"name\": \"https://redmine.openinfosecfoundation.org/issues/7041\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"name\": \"https://redmine.openinfosecfoundation.org/issues/7042\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \\nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-754\", \"description\": \"CWE-754: Improper Check for Unusual or Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-07-11T14:39:32.766Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-37151\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T03:50:54.763Z\", \"dateReserved\": \"2024-06-03T17:29:38.328Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-07-11T14:39:32.766Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.