CWE-400
DiscouragedUncontrolled Resource Consumption
Abstraction: Class · Status: Draft
The product does not properly control the allocation and maintenance of a limited resource.
5435 vulnerabilities reference this CWE, most recent first.
CVE-2024-8626 (GCVE-0-2024-8626)
Vulnerability from cvelistv5 – Published: 2024-10-08 16:35 – Updated: 2024-10-08 17:36- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 controllers |
Affected:
v33.011 <
|
|
| Rockwell Automation | Compact GuardLogix® 5380 controllers |
Affected:
v33.011<
|
|
| Rockwell Automation | CompactLogix 5480 controllers |
Affected:
v33.011<
|
|
| Rockwell Automation | GuardLogix 5580 controllers |
Affected:
v33.011<
|
|
| Rockwell Automation | 1756-EN4TR |
Affected:
v3.002
|
|
| rockwellautomation | compactlogix_5380_firmware |
Affected:
33.011 , < 33.015
(custom)
cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:* |
|
| rockwellautomation | compact_guardlogix_5380_firmware |
Affected:
33.011 , < 33.015
(custom)
cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:* |
|
| rockwellautomation | compactlogix_5480_firmware |
Affected:
33.011 , < 33.015
(custom)
cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:* |
|
| rockwellautomation | guardlogix_5580_firmware |
Affected:
33.001 , < 33.015
(custom)
cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:* |
|
| rockwellautomation | 1756-en4tr_firmware |
Affected:
3.002
cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "3.002"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:29:59.695076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:36:25.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011 \u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix\u00ae 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v3.002"
}
]
}
],
"datePublic": "2024-10-08T16:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover. \u003c/span\u003e"
}
],
"value": "Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover."
}
],
"impacts": [
{
"capecId": "CAPEC-124",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-124 Shared Resource Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T16:35:04.513Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cbr\u003eAffected Product\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011 \u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd rowspan=\"5\"\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev33.015 and later for versions 33\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev34.011 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix\u00ae 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4TR\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev3.002\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e4.001 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003eMitigations and Workarounds \u003c/p\u003e\u003cp\u003eCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Product\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011 \u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * v33.015 and later for versions 33\n\n\n\n\n\u00a0\n\n\u00a0\n\n * v34.011 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix\u00ae 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv3.002\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * 4.001 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"advisory": "SD1706",
"discovery": "EXTERNAL"
},
"title": "Logix Controllers Vulnerable to Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-8626",
"datePublished": "2024-10-08T16:35:04.513Z",
"dateReserved": "2024-09-09T20:33:30.575Z",
"dateUpdated": "2024-10-08T17:36:25.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8454 (GCVE-0-2024-8454)
Vulnerability from cvelistv5 – Published: 2024-09-30 07:18 – Updated: 2024-09-30 16:59| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| PLANET Technology | GS-4210-24PL4C hardware 2.0 |
Affected:
0 , < 2.305b240719
(custom)
|
|
| PLANET Technology | GS-4210-24P2S hardware 3.0 |
Affected:
0 , < 3.305b240802
(custom)
|
|
| PLANET Technology | IGS-5225-4UP1T2S hardware 1.0 |
Affected:
0
|
|
| planet_technology_corp | gs-4210-24pl4c_hardware_2.0 |
Affected:
0 , < 2.305b240719
(custom)
cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:* |
|
| planet_technology_corp | gs-4210-24pl4c_hardware_3.0 |
Affected:
0 , < 3.305b240802
(custom)
cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:* |
|
| planet_technology_corp | igs-5225-4up1t2s_hardware_1.0 |
Affected:
0
cpe:2.3:a:planet_technology_corp:igs-5225-4up1t2s_hardware_1.0:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gs-4210-24pl4c_hardware_2.0",
"vendor": "planet_technology_corp",
"versions": [
{
"lessThan": "2.305b240719",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_3.0:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gs-4210-24pl4c_hardware_3.0",
"vendor": "planet_technology_corp",
"versions": [
{
"lessThan": "3.305b240802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:planet_technology_corp:igs-5225-4up1t2s_hardware_1.0:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "igs-5225-4up1t2s_hardware_1.0",
"vendor": "planet_technology_corp",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T16:57:41.398680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T16:59:40.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GS-4210-24PL4C hardware 2.0",
"vendor": "PLANET Technology",
"versions": [
{
"lessThan": "2.305b240719",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS-4210-24P2S hardware 3.0",
"vendor": "PLANET Technology",
"versions": [
{
"lessThan": "3.305b240802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IGS-5225-4UP1T2S hardware 1.0",
"vendor": "PLANET Technology",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2024-09-30T07:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service.\u003c/span\u003e"
}
],
"value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service."
}
],
"impacts": [
{
"capecId": "CAPEC-227",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-227 Sustained Client Engagement"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T07:18:30.271Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\u003cbr\u003eIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended.\u003cbr\u003e"
}
],
"value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later.\nIGS-5225-4UP1T2S hardware 1.0 has reached End of Life (EOL). Replacement is recommended."
}
],
"source": {
"advisory": "TVN-202409010",
"discovery": "EXTERNAL"
},
"title": "PLANET Technology switch devices - Swctrl service DoS attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2024-8454",
"datePublished": "2024-09-30T07:18:30.271Z",
"dateReserved": "2024-09-05T02:53:07.051Z",
"dateUpdated": "2024-09-30T16:59:40.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8451 (GCVE-0-2024-8451)
Vulnerability from cvelistv5 – Published: 2024-09-30 06:56 – Updated: 2024-09-30 17:32| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| PLANET Technology | GS-4210-24PL4C hardware 2.0 |
Affected:
0 , < 2.305b240719
(custom)
|
|
| PLANET Technology | GS-4210-24P2S hardware 3.0 |
Affected:
0 , < 3.305b240802
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:32:47.762349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:32:59.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GS-4210-24PL4C hardware 2.0",
"vendor": "PLANET Technology",
"versions": [
{
"lessThan": "2.305b240719",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GS-4210-24P2S hardware 3.0",
"vendor": "PLANET Technology",
"versions": [
{
"lessThan": "3.305b240802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-09-30T06:52:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service."
}
],
"value": "Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service."
}
],
"impacts": [
{
"capecId": "CAPEC-227",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-227 Sustained Client Engagement"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T06:56:40.972Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\u003cbr\u003eUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later."
}
],
"value": "Update firmware of GS-4210-24PL4C hardware 2.0 to version 2.305b240719 or later.\nUpdate firmware of GS-4210-24P2S hardware 3.0 to version 3.305b240802 or later."
}
],
"source": {
"advisory": "TVN-202409007",
"discovery": "EXTERNAL"
},
"title": "PLANET Technology switch devices - SSH server DoS attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2024-8451",
"datePublished": "2024-09-30T06:56:40.972Z",
"dateReserved": "2024-09-05T02:53:03.528Z",
"dateUpdated": "2024-09-30T17:32:59.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8418 (GCVE-0-2024-8418)
Vulnerability from cvelistv5 – Published: 2024-09-04 14:24 – Updated: 2026-06-29 23:24- CWE-400 - Uncontrolled Resource Consumption
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:7094 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-8418 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2309683 | issue-trackingx_refsource_REDHAT |
| https://github.com/containers/aardvark-dns/issues/500 | |
| https://github.com/containers/aardvark-dns/pull/503 |
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
1.12.0
(semver)
Affected: 1.12.1 (semver) |
|||
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
2:1.14.0-1.el9 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:21:26.948674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:21:37.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/containers/aardvark-dns/",
"defaultStatus": "unaffected",
"packageName": "containers/aardvark-dns",
"versions": [
{
"status": "affected",
"version": "1.12.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.12.1",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "aardvark-dns",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:1.14.0-1.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "aardvark-dns",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/aardvark-dns",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "container-tools:rhel8/containers-common",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "containers-common",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
}
],
"datePublic": "2024-09-04T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T23:24:26.352Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:7094",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:7094"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-8418"
},
{
"name": "RHBZ#2309683",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309683"
},
{
"url": "https://github.com/containers/aardvark-dns/issues/500"
},
{
"url": "https://github.com/containers/aardvark-dns/pull/503"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-03T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-09-04T10:00:00.000Z",
"value": "Made public."
}
],
"title": "Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service",
"workarounds": [
{
"lang": "en",
"value": "It is advised to upgrade aardvark-dns to version 1.12.1 or higher."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-8418",
"datePublished": "2024-09-04T14:24:03.276Z",
"dateReserved": "2024-09-04T10:38:07.126Z",
"dateUpdated": "2026-06-29T23:24:26.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8184 (GCVE-0-2024-8184)
Vulnerability from cvelistv5 – Published: 2024-10-14 15:09 – Updated: 2025-11-03 19:34- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| Eclipse Foundation | Jetty |
Affected:
9.3.12 , ≤ 9.4.55
(semver)
Affected: 10.0.0 , ≤ 10.0.23 (semver) Affected: 11.0.0 , ≤ 11.0.23 (semver) Affected: 12.0.0 , ≤ 12.0.8 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:41:50.744158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:42:01.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:34:56.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2/",
"defaultStatus": "unaffected",
"modules": [
"jetty-server"
],
"packageName": "org.eclipse.jetty:jetty-server",
"product": "Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "9.4.55",
"status": "affected",
"version": "9.3.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.23",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.23",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.8",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/HRsGIT"
}
],
"datePublic": "2024-10-14T03:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a security vulnerability in Jetty\u0027s \u003ccode\u003eThreadLimitHandler.getRemote()\u003c/code\u003e which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.\u003cbr\u003e"
}
],
"value": "There exists a security vulnerability in Jetty\u0027s ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T15:30:02.698Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
},
{
"url": "https://github.com/jetty/jetty.project/pull/11723"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not use \u003ccode\u003eThreadLimitHandler\u003c/code\u003e.\u003cbr\u003e\nConsider use of \u003ccode\u003eQoSHandler\u003c/code\u003e instead to artificially limit resource utilization.\u003cbr\u003e"
}
],
"value": "Do not use ThreadLimitHandler.\n\nConsider use of QoSHandler instead to artificially limit resource utilization."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-8184",
"datePublished": "2024-10-14T15:09:37.861Z",
"dateReserved": "2024-08-26T15:58:44.006Z",
"dateUpdated": "2025-11-03T19:34:56.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8041 (GCVE-0-2024-8041)
Vulnerability from cvelistv5 – Published: 2024-08-22 15:30 – Updated: 2024-08-29 15:05- CWE-400 - Uncontrolled Resource Consumption
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/463092 | issue-trackingpermissions-required |
| https://hackerone.com/reports/2499070 | technical-descriptionexploitpermissions-required |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8041",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:05:10.898443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:05:22.487Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "17.1.6",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "17.2.4",
"status": "affected",
"version": "17.2",
"versionType": "semver"
},
{
"lessThan": "17.3.1",
"status": "affected",
"version": "17.3",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [a92847865](https://hackerone.com/a92847865) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:05:01.304Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #463092",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/463092"
},
{
"name": "HackerOne Bug Bounty Report #2499070",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2499070"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 17.1.6, 17.2.4, 17.3.1 or above."
}
],
"title": "Uncontrolled Resource Consumption in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2024-8041",
"datePublished": "2024-08-22T15:30:37.643Z",
"dateReserved": "2024-08-21T15:02:15.490Z",
"dateUpdated": "2024-08-29T15:05:01.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7771 (GCVE-0-2024-7771)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:08 – Updated: 2025-03-20 19:02- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| mintplex-labs | mintplex-labs/anything-llm |
Affected:
unspecified , < 1.3.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7771",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:52:13.776871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:02:21.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mintplex-labs/anything-llm",
"vendor": "mintplex-labs",
"versions": [
{
"lessThan": "1.3.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Dockerized version of mintplex-labs/anything-llm (latest, digest 1d9452da2b92) allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from the localWhisper implementation, where resampling the audio file from 1 Hz to 16000 Hz quickly exceeds available memory, leading to the Docker instance being killed by the instance manager."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T10:08:49.536Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/a31a9834-e9c4-4b50-a1ec-ecb69f2a6142"
},
{
"url": "https://github.com/mintplex-labs/anything-llm/commit/dd017c6cbbf42abdef7861a66558c53b66424d07"
}
],
"source": {
"advisory": "a31a9834-e9c4-4b50-a1ec-ecb69f2a6142",
"discovery": "EXTERNAL"
},
"title": "Denial of Service in mintplex-labs/anything-llm"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-7771",
"datePublished": "2025-03-20T10:08:49.536Z",
"dateReserved": "2024-08-13T19:25:39.010Z",
"dateUpdated": "2025-03-20T19:02:21.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7708 (GCVE-0-2024-7708)
Vulnerability from cvelistv5 – Published: 2026-07-14 09:01 – Updated: 2026-07-14 12:17| Vendor | Product | Version | |
|---|---|---|---|
| Eclipse Foundation | Eclipse Jetty |
Affected:
10.0.7 , < 10.0.23
(semver)
Affected: 11.0.7 , < 11.0.23 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7708",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-14T12:16:59.558842Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T12:17:11.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "org.eclipse.jetty:jetty-server",
"product": "Eclipse Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThan": "10.0.23",
"status": "affected",
"version": "10.0.7",
"versionType": "semver"
},
{
"lessThan": "11.0.23",
"status": "affected",
"version": "11.0.7",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/kimmerin"
},
{
"lang": "en",
"type": "finder",
"value": "https://github.com/pmneo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
}
],
"value": "For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak.\nThis is particularly the case for 100-Continue, but any request where the network is slow can leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T09:01:53.869Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/work_items/29"
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2024-7708",
"datePublished": "2026-07-14T09:01:53.869Z",
"dateReserved": "2024-08-12T16:15:04.741Z",
"dateUpdated": "2026-07-14T12:17:11.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7610 (GCVE-0-2024-7610)
Vulnerability from cvelistv5 – Published: 2024-08-08 10:30 – Updated: 2024-08-29 15:05- CWE-400 - Uncontrolled Resource Consumption
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/468917 | issue-trackingpermissions-required |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T12:53:54.759743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T12:54:03.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "17.0.6",
"status": "affected",
"version": "15.9",
"versionType": "semver"
},
{
"lessThan": "17.1.4",
"status": "affected",
"version": "17.1",
"versionType": "semver"
},
{
"lessThan": "17.2.2",
"status": "affected",
"version": "17.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered internally by GitLab team member [Terri Chu](https://gitlab.com/terrichu)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:05:01.225Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #468917",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/468917"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 17.2.2, 17.1.4, 17.0.6 or above."
}
],
"title": "Uncontrolled Resource Consumption in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2024-7610",
"datePublished": "2024-08-08T10:30:43.133Z",
"dateReserved": "2024-08-08T10:02:04.174Z",
"dateUpdated": "2024-08-29T15:05:01.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7592 (GCVE-0-2024-7592)
Vulnerability from cvelistv5 – Published: 2024-08-19 19:06 – Updated: 2025-11-03 22:32- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.8.20
(python)
Affected: 3.9.0 , < 3.9.20 (python) Affected: 3.10.0 , < 3.10.15 (python) Affected: 3.11.0 , < 3.11.10 (python) Affected: 3.12.0 , < 3.12.6 (python) Affected: 3.13.0a1 , < 3.13.0rc2 (python) |
|
| python | cpython |
Affected:
0 , < 3.8.20
(python)
Affected: 3.9.0 , < 3.9.20 (python) Affected: 3.10.0 , < 3.10.15 (python) Affected: 3.11.0 , < 3.11.10 (python) Affected: 3.12.0 , < 3.12.6 (python) Affected: 3.13.0a1 , < 3.13.0rc2 (python) cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cpython",
"vendor": "python",
"versions": [
{
"lessThan": "3.8.20",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.9.20",
"status": "affected",
"version": "3.9.0",
"versionType": "python"
},
{
"lessThan": "3.10.15",
"status": "affected",
"version": "3.10.0",
"versionType": "python"
},
{
"lessThan": "3.11.10",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.6",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.0rc2",
"status": "affected",
"version": "3.13.0a1",
"versionType": "python"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-7592",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T17:21:02.520596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T20:53:12.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:32:52.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241018-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPython",
"repo": "https://github.com/python/cpython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.8.20",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.9.20",
"status": "affected",
"version": "3.9.0",
"versionType": "python"
},
{
"lessThan": "3.10.15",
"status": "affected",
"version": "3.10.0",
"versionType": "python"
},
{
"lessThan": "3.11.10",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.6",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.0rc2",
"status": "affected",
"version": "3.13.0a1",
"versionType": "python"
}
]
}
],
"datePublic": "2024-08-16T16:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere is a LOW severity vulnerability affecting CPython, specifically the\n\u0027\u003ci\u003e\u003cb\u003ehttp.cookies\u003c/b\u003e\u003c/i\u003e\u0027 standard library module.\u003c/p\u003e\n\u003cp\u003eWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue.\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "There is a LOW severity vulnerability affecting CPython, specifically the\n\u0027http.cookies\u0027 standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T19:55:12.119Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/123075"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/123067"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quadratic complexity parsing cookies with backslashes",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2024-7592",
"datePublished": "2024-08-19T19:06:45.311Z",
"dateReserved": "2024-08-07T15:53:07.135Z",
"dateUpdated": "2025-11-03T22:32:52.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation
- Mitigation of resource exhaustion attacks requires that the target system either:
- The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
- The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
- recognizes the attack and denies that user further access for a given amount of time, or
- uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Ensure that protocols have specific limits of scale placed on them.
Mitigation
Ensure that all failures in resource allocation place the system into a safe posture.
CAPEC-147: XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
CAPEC-227: Sustained Client Engagement
An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.
CAPEC-492: Regular Expression Exponential Blowup
An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.