7.6
CVE-2024-3661
- EPSS 2.67%
- Published 06.05.2024 19:15:11
- Last modified 15.01.2025 16:50:28
- Source 9119a7d8-5eab-497f-8521-727c67
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
Data is provided by the National Vulnerability Database (NVD)
Fortinet ≫ FortiClient SwPlatform linux Version >= 6.4.0 < 7.2.5
Fortinet ≫ FortiClient SwPlatform macos Version >= 6.4.0 < 7.2.5
Fortinet ≫ FortiClient SwPlatform windows Version >= 6.4.0 < 7.2.5
Fortinet ≫ FortiClient Version 7.4.0 SwPlatform linux
Fortinet ≫ FortiClient Version 7.4.0 SwPlatform macos
Fortinet ≫ FortiClient Version 7.4.0 SwPlatform windows
Cisco ≫ Anyconnect Vpn Client Version -
Cisco ≫ Secure Client Version -
Paloaltonetworks ≫ Globalprotect SwPlatform iphone_os
Paloaltonetworks ≫ Globalprotect SwPlatform linux
Paloaltonetworks ≫ Globalprotect SwPlatform macos
Paloaltonetworks ≫ Globalprotect SwPlatform windows
Citrix ≫ Secure Access Client Version < 24.8.5
F5 ≫ Big-ip Access Policy Manager Version >= 7.2.3 <= 7.2.5
F5 ≫ Big-ip Access Policy Manager Version >= 15.1.0 <= 15.1.10
F5 ≫ Big-ip Access Policy Manager Version >= 16.1.0 <= 16.1.5
F5 ≫ Big-ip Access Policy Manager Version >= 17.1.0 <= 17.1.2
Watchguard ≫ Ipsec Mobile Vpn Client SwPlatform macos
Watchguard ≫ Ipsec Mobile Vpn Client SwPlatform windows
Watchguard ≫ Mobile Vpn With Ssl SwPlatform macos
Watchguard ≫ Mobile Vpn With Ssl SwPlatform windows
Zscaler ≫ Client Connector SwPlatform linux Version < 1.5.1.25
Zscaler ≫ Client Connector SwPlatform macos Version < 4.2.0.282
Zscaler ≫ Client Connector SwPlatform linux Version >= 3.7 < 3.7.0.134
Zscaler ≫ Client Connector Version - SwPlatform windows
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 2.67% | 0.853 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 7.6 | 2.8 | 4.7 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
9119a7d8-5eab-497f-8521-727c672e3725 | 7.6 | 2.8 | 4.7 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-501 Trust Boundary Violation
The product mixes trusted and untrusted data in the same data structure or structured message.