CVE-2024-45796

EPSS 0.28%
Published 16.10.2024 19:15:26
Last modified 22.10.2024 13:37:57
Source security-advisories@github.com
Teams watchlist Login
Open Login

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Oisf ≫ Suricata Version < 7.0.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.28%	0.506

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg

Third Party Advisory

https://redmine.openinfosecfoundation.org/issues/7067

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2024-45796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45796

EUVD