FKIE_CVE-2024-11322

Vulnerability from fkie_nvd - Published: 2025-01-15 14:15 - Updated: 2025-01-15 14:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it unavailable.
References
vulnreport@tenable.comhttps://www.tenable.com/security/research/tra-2025-01
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. \nAn unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it unavailable."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en CyberPower PowerPanel Business (PPB) 4.11.0.  Un atacante remoto no autenticado puede reiniciar el proceso ppbd.exe a trav\u00e9s del servicio PowerPanel Business Service Watchdog que escucha en el puerto TCP 2003. El atacante puede reiniciar repetidamente ppbd.exe para que no est\u00e9 disponible."
    }
  ],
  "id": "CVE-2024-11322",
  "lastModified": "2025-01-15T14:15:27.943",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "vulnreport@tenable.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-15T14:15:27.943",
  "references": [
    {
      "source": "vulnreport@tenable.com",
      "url": "https://www.tenable.com/security/research/tra-2025-01"
    }
  ],
  "sourceIdentifier": "vulnreport@tenable.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "vulnreport@tenable.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.