CVE-2024-6227

Exploit

EPSS 0.27%
Veröffentlicht 08.07.2024 19:15:10
Zuletzt bearbeitet 21.11.2024 09:49:14
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Aimstack ≫ Aim Version3.19.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.27%	0.504

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security@huntr.dev	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-6227

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-6227

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-6227

EUVD