Common Weakness Enumeration

CWE-400

Discouraged

Uncontrolled Resource Consumption

Abstraction: Class · Status: Draft

The product does not properly control the allocation and maintenance of a limited resource.

5420 vulnerabilities reference this CWE, most recent first.

CVE-2024-49129 (GCVE-0-2024-49129)

Vulnerability from cvelistv5 – Published: 2024-12-10 17:49 – Updated: 2026-06-09 18:30
VLAI
Title
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Summary
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.25222 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.25222 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.22318 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.22318 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.7606 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.7606 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2966 (custom)
Create a notification for this product.
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Affected: 10.0.25398.0 , < 10.0.25398.1308 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Date Public
2024-12-10 08:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49129",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-13T20:53:30.627694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-13T21:35:10.707Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25222",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25222",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22318",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22318",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7606",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7606",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2966",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.1308",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.2966",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.1308",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7606",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7606",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25222",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25222",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22318",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22318",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2024-12-10T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T18:30:42.359Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49129"
        }
      ],
      "title": "Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-49129",
    "datePublished": "2024-12-10T17:49:27.121Z",
    "dateReserved": "2024-10-11T20:57:49.209Z",
    "dateUpdated": "2026-06-09T18:30:42.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-49096 (GCVE-0-2024-49096)

Vulnerability from cvelistv5 – Published: 2024-12-10 17:49 – Updated: 2026-06-09 18:30
VLAI
Title
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Summary
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20857 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.7606 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.5247 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.5247 (custom)
Create a notification for this product.
Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 version 22H3 Affected: 10.0.22631.0 , < 10.0.22631.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 23H2 Affected: 10.0.22631.0 , < 10.0.22631.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.23016 (custom)
Create a notification for this product.
Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.27467 (custom)
Create a notification for this product.
Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.27467 (custom)
Create a notification for this product.
Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.23016 (custom)
Create a notification for this product.
Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.23016 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.25222 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.25222 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.22318 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.22318 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.7606 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.7606 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2966 (custom)
Create a notification for this product.
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Affected: 10.0.25398.0 , < 10.0.25398.1308 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Date Public
2024-12-10 08:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49096",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T19:29:15.675200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T19:31:22.231Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.20857",
              "status": "affected",
              "version": "10.0.10240.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7606",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.5247",
              "status": "affected",
              "version": "10.0.19043.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.5247",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.4602",
              "status": "affected",
              "version": "10.0.22621.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 22H3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.4602",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.4602",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008  Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23016",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.27467",
              "status": "affected",
              "version": "6.1.7601.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.27467",
              "status": "affected",
              "version": "6.1.7601.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23016",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.23016",
              "status": "affected",
              "version": "6.0.6003.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25222",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25222",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22318",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.22318",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7606",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.7606",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2966",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.1308",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.2966",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.5247",
                  "versionStartIncluding": "10.0.19043.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22621.4602",
                  "versionStartIncluding": "10.0.22621.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.5247",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22631.4602",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22631.4602",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.1308",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.10240.20857",
                  "versionStartIncluding": "10.0.10240.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.7606",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7606",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.7606",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.0.6003.23016",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.0.6003.23016",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "6.0.6003.23016",
                  "versionStartIncluding": "6.0.6003.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.1.7601.27467",
                  "versionStartIncluding": "6.1.7601.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.1.7601.27467",
                  "versionStartIncluding": "6.1.7601.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25222",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25222",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22318",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.22318",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2024-12-10T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T18:30:29.073Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49096"
        }
      ],
      "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-49096",
    "datePublished": "2024-12-10T17:49:14.446Z",
    "dateReserved": "2024-10-11T20:57:49.202Z",
    "dateUpdated": "2026-06-09T18:30:29.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-49075 (GCVE-0-2024-49075)

Vulnerability from cvelistv5 – Published: 2024-12-10 17:49 – Updated: 2026-06-09 18:31
VLAI
Title
Windows Remote Desktop Services Denial of Service Vulnerability
Summary
Windows Remote Desktop Services Denial of Service Vulnerability
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19044.0 , < 10.0.19044.5247 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.5247 (custom)
Create a notification for this product.
Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 version 23H2 Affected: 10.0.22631.0 , < 10.0.22631.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 23H2 Affected: 10.0.22631.0 , < 10.0.22631.4602 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Microsoft Windows 11 version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.2269 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.6659 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2966 (custom)
Create a notification for this product.
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Affected: 10.0.25398.0 , < 10.0.25398.1308 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.2605 (custom)
Create a notification for this product.
Date Public
2024-12-10 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49075",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T19:29:10.826210Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T19:30:35.841Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.5247",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.5247",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.4602",
              "status": "affected",
              "version": "10.0.22621.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.4602",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.4602",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.2269",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.6659",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2966",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.1308",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.2605",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.6659",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.2966",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.5247",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22621.4602",
                  "versionStartIncluding": "10.0.22621.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.5247",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22631.4602",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22631.4602",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.1308",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.2605",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.28000.2269",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2024-12-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Windows Remote Desktop Services\u00a0Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T18:31:04.050Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Remote Desktop Services\u00a0Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49075"
        }
      ],
      "title": "Windows Remote Desktop Services\u00a0Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-49075",
    "datePublished": "2024-12-10T17:49:37.085Z",
    "dateReserved": "2024-10-11T20:57:49.196Z",
    "dateUpdated": "2026-06-09T18:31:04.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-47554 (GCVE-0-2024-47554)

Vulnerability from cvelistv5 – Published: 2024-10-03 11:32 – Updated: 2025-01-31 15:02
VLAI
Title
Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
Summary
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Commons IO Affected: 2.0 , < 2.14.0 (semver)
Create a notification for this product.
Credits
CodeQL
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-47554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T13:00:56.326970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-04T15:03:37.949Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-31T15:02:47.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/10/03/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250131-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "commons-io:commons-io",
          "product": "Apache Commons IO",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.14.0",
              "status": "affected",
              "version": "2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "tool",
          "value": "CodeQL"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUncontrolled Resource Consumption vulnerability in Apache Commons IO.\u003c/p\u003e\u003cp\u003eThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-03T11:32:48.936Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-47554",
    "datePublished": "2024-10-03T11:32:48.936Z",
    "dateReserved": "2024-09-26T16:12:46.116Z",
    "dateUpdated": "2025-01-31T15:02:47.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47535 (GCVE-0-2024-47535)

Vulnerability from cvelistv5 – Published: 2024-11-12 15:50 – Updated: 2024-11-13 20:44
VLAI
Title
Denial of Service attack on windows app using Netty
Summary
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
netty netty Affected: < 4.1.115
Create a notification for this product.
netty netty Affected: 0 , < 4.1.115 (custom)
    cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:netty:netty:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "netty",
            "vendor": "netty",
            "versions": [
              {
                "lessThan": "4.1.115",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47535",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T20:43:58.714521Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T20:44:41.743Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.1.115"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T15:50:08.334Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv"
        },
        {
          "name": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3"
        }
      ],
      "source": {
        "advisory": "GHSA-xq3w-v528-46rv",
        "discovery": "UNKNOWN"
      },
      "title": "Denial of Service attack on windows app using Netty"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-47535",
    "datePublished": "2024-11-12T15:50:08.334Z",
    "dateReserved": "2024-09-25T21:46:10.929Z",
    "dateUpdated": "2024-11-13T20:44:41.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47497 (GCVE-0-2024-47497)

Vulnerability from cvelistv5 – Published: 2024-10-11 15:28 – Updated: 2024-10-11 17:41
VLAI
Title
Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion
Summary
An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated. Over time, this leads to resource exhaustion, ultimately causing the device to crash and restart. The following command can be used to monitor the resource usage: user@host> show system processes extensive | match mgd | count This issue affects Junos OS on SRX Series and EX Series: All versions before 21.4R3-S7, from 22.2 before 22.2R3-S4, from 22.3 before 22.3R3-S3, from 22.4 before 22.4R3-S2, from 23.2 before 23.2R2-S1, from 23.4 before 23.4R1-S2, 23.4R2.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
URL Tags
https://supportportal.juniper.net/ vendor-advisory
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 0 , < 21.4R3-S7 (semver)
Affected: 22.2 , < 22.2R3-S4 (semver)
Affected: 22.3 , < 22.3R3-S3 (semver)
Affected: 22.4 , < 22.4R3-S2 (semver)
Affected: 23.2 , < 23.2R2-S1 (semver)
Affected: 23.4 , < 23.4R1-S2, 23.4R2 (semver)
Create a notification for this product.
juniper junos Affected: 0 , < 21.4r3-s7 (semver)
Affected: 22.2 , < 22.2r3-s4 (semver)
Affected: 22.3 , < 22.3r3-s3 (semver)
Affected: 22.4 , < 22.4r3-s2 (semver)
Affected: 23.2 , < 23.2r2-s1 (semver)
Affected: 23.4 , < 23.4r1-s2 (semver)
Affected: 23.4 , < 23.4r2 (custom)
    cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-10-09 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "junos",
            "vendor": "juniper",
            "versions": [
              {
                "lessThan": "21.4r3-s7",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "22.2r3-s4",
                "status": "affected",
                "version": "22.2",
                "versionType": "semver"
              },
              {
                "lessThan": "22.3r3-s3",
                "status": "affected",
                "version": "22.3",
                "versionType": "semver"
              },
              {
                "lessThan": "22.4r3-s2",
                "status": "affected",
                "version": "22.4",
                "versionType": "semver"
              },
              {
                "lessThan": "23.2r2-s1",
                "status": "affected",
                "version": "23.2",
                "versionType": "semver"
              },
              {
                "lessThan": "23.4r1-s2",
                "status": "affected",
                "version": "23.4",
                "versionType": "semver"
              },
              {
                "lessThan": "23.4r2",
                "status": "affected",
                "version": "23.4",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-11T17:38:34.095724Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-11T17:41:24.159Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "SRX Series",
            "EX Series",
            "QFX Series",
            "MX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.4R3-S7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S4",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S3",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-S2",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-S1",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R1-S2, 23.4R2",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(239, 250, 102);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRequired config:\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003ctt\u003e\u003cspan style=\"background-color: rgb(239, 250, 102);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e[ system services web-management https ... ]\u003c/span\u003e\u003c/span\u003e\u003c/tt\u003e\u003cbr\u003e"
            }
          ],
          "value": "Required config:\n[ system services web-management https ... ]"
        }
      ],
      "datePublic": "2024-10-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS).\u003cbr\u003e\u003cbr\u003eAn attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated. Over time, this leads to resource exhaustion, ultimately causing the device to crash and restart.\u003cbr\u003e\u003cbr\u003eThe following command can be used to monitor the resource usage:\u003cbr\u003e\u003ctt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003euser@host\u0026gt; show system processes extensive | match mgd | count\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003eThis issue affects Junos OS on SRX Series and EX Series:\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAll versions before 21.4R3-S7,\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efrom 22.2 before 22.2R3-S4,\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efrom 22.3 before 22.3R3-S3,\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efrom 22.4 before 22.4R3-S2,\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efrom 23.2 before 23.2R2-S1,\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efrom 23.4 before 23.4R1-S2, 23.4R2.\u003c/span\u003e"
            }
          ],
          "value": "An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS).\n\nAn attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated. Over time, this leads to resource exhaustion, ultimately causing the device to crash and restart.\n\nThe following command can be used to monitor the resource usage:\nuser@host\u003e show system processes extensive | match mgd | count\n\nThis issue affects Junos OS on SRX Series and EX Series:\nAll versions before 21.4R3-S7,\nfrom 22.2 before 22.2R3-S4,\nfrom 22.3 before 22.3R3-S3,\nfrom 22.4 before 22.4R3-S2,\nfrom 23.2 before 23.2R2-S1,\nfrom 23.4 before 23.4R1-S2, 23.4R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:A",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-11T15:28:49.424Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7, 22.2R3-S4, 22.3R3-S3, 22.4R3-S2, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7, 22.2R3-S4, 22.3R3-S3, 22.4R3-S2, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA88124",
        "defect": [
          "1783757"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue.\u003cbr\u003e\u003cbr\u003eTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users.\u003cbr\u003e"
            }
          ],
          "value": "There are no known workarounds for this issue.\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-47497",
    "datePublished": "2024-10-11T15:28:49.424Z",
    "dateReserved": "2024-09-25T15:26:52.609Z",
    "dateUpdated": "2024-10-11T17:41:24.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47239 (GCVE-0-2024-47239)

Vulnerability from cvelistv5 – Published: 2025-01-08 02:00 – Updated: 2025-01-08 15:33
VLAI
Summary
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Dell PowerScale OneFS Affected: 8.2.2.x , ≤ 9.7.1.2 (semver)
Affected: 9.4.0.0 , ≤ 9.4.0.19 (semver)
Affected: 9.5.0.0 , ≤ 9.5.1.1 (semver)
Affected: 9.8.0.0 , ≤ 9.9.0.0 (semver)
Create a notification for this product.
Date Public
2025-01-06 18:30
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-08T15:33:28.596400Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-08T15:33:59.525Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PowerScale OneFS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThanOrEqual": "9.7.1.2",
              "status": "affected",
              "version": "8.2.2.x",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.4.0.19",
              "status": "affected",
              "version": "9.4.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.5.1.1",
              "status": "affected",
              "version": "9.5.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.9.0.0",
              "status": "affected",
              "version": "9.8.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2025-01-06T18:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service."
            }
          ],
          "value": "Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-08T02:00:15.883Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000269590/dsa-2024-480-security-update-for-dell-powerscale-onefs-security-vulnerability"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-47239",
    "datePublished": "2025-01-08T02:00:15.883Z",
    "dateReserved": "2024-09-23T05:36:07.683Z",
    "dateUpdated": "2025-01-08T15:33:59.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47003 (GCVE-0-2024-47003)

Vulnerability from cvelistv5 – Published: 2024-09-26 08:05 – Updated: 2024-09-26 13:11
VLAI
Title
DoS via non-string message using permalink embed
Summary
Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to validate that the message of the permalink post is a string, which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Mattermost Mattermost Affected: 9.11.0
Affected: 9.5.0 , ≤ 9.5.8 (semver)
Unaffected: 10.0.0
Unaffected: 9.11.1
Unaffected: 9.5.9
Create a notification for this product.
Credits
c0rydoras (c0rydoras)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T13:10:27.555291Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T13:11:00.827Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "status": "affected",
              "version": "9.11.0"
            },
            {
              "lessThanOrEqual": "9.5.8",
              "status": "affected",
              "version": "9.5.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.11.1"
            },
            {
              "status": "unaffected",
              "version": "9.5.9"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "c0rydoras (c0rydoras)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 9.11.x \u0026lt;= 9.11.0 and 9.5.x \u0026lt;= 9.5.8 fail to validate that the message of the permalink post is a string,\u0026nbsp;which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 9.11.x \u003c= 9.11.0 and 9.5.x \u003c= 9.5.8 fail to validate that the message of the permalink post is a string,\u00a0which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T08:05:16.392Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.0.0, 9.11.1, 9.5.9 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.0.0, 9.11.1, 9.5.9 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00373",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-59077"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "DoS via non-string message using permalink embed",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2024-47003",
    "datePublished": "2024-09-26T08:05:16.392Z",
    "dateReserved": "2024-09-23T07:55:36.376Z",
    "dateUpdated": "2024-09-26T13:11:00.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-46891 (GCVE-0-2024-46891)

Vulnerability from cvelistv5 – Published: 2024-11-12 12:49 – Updated: 2024-11-12 14:25
VLAI
Summary
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
  • CWE-125 - Out-of-bounds Read
Assigner
Impacted products
Vendor Product Version
Siemens SINEC INS Affected: 0 , < V1.0 SP2 Update 3 (custom)
Create a notification for this product.
seimens sinec_ins Affected: 0 , < V1.0_SP2_Update 3 (custom)
    cpe:2.3:a:seimens:sinec_ins:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:seimens:sinec_ins:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sinec_ins",
            "vendor": "seimens",
            "versions": [
              {
                "lessThan": "V1.0_SP2_Update 3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46891",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:22:45.870908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:25:48.481Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SINEC INS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.0 SP2 Update 3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SINEC INS (All versions \u003c V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system\u0027s resources and create a denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T12:49:43.155Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-46891",
    "datePublished": "2024-11-12T12:49:43.155Z",
    "dateReserved": "2024-09-12T11:24:19.243Z",
    "dateUpdated": "2024-11-12T14:25:48.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45736 (GCVE-0-2024-45736)

Vulnerability from cvelistv5 – Published: 2024-10-14 17:03 – Updated: 2025-02-28 11:03
VLAI
Title
Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
Summary
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd).
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - The software does not properly control the allocation and maintenance of a limited resource thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Assigner
Impacted products
Vendor Product Version
Splunk Splunk Enterprise Affected: 9.3 , < 9.3.1 (custom)
Affected: 9.2 , < 9.2.3 (custom)
Affected: 9.1 , < 9.1.6 (custom)
Create a notification for this product.
Splunk Splunk Cloud Platform Affected: 9.2.2403 , < 9.2.2403.107 (custom)
Affected: 9.1.2312 , < 9.1.2312.204 (custom)
Affected: 9.1.2312 , < 9.1.2312.111 (custom)
Create a notification for this product.
splunk splunk_enterprise Affected: 9.3 , < 9.3.1 (custom)
Affected: 9.2 , < 9.2.3 (custom)
Affected: 9.1 , < 9.1.6 (custom)
    cpe:2.3:a:splunk:splunk_enterprise:*:*:*:*:*:*:*:*
Create a notification for this product.
splunk splunk_cloud_platform Affected: 9.2.2403 , < 9.2.2403.107 (custom)
Affected: 9.1.2312 , < 9.1.2312.204 (custom)
Affected: 9.1.2312 , < 9.1.2312.111 (custom)
    cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-10-14 00:00
Credits
Danylo Dmytriiev (DDV_UA)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:splunk:splunk_enterprise:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "splunk_enterprise",
            "vendor": "splunk",
            "versions": [
              {
                "lessThan": "9.3.1",
                "status": "affected",
                "version": "9.3",
                "versionType": "custom"
              },
              {
                "lessThan": "9.2.3",
                "status": "affected",
                "version": "9.2",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.6",
                "status": "affected",
                "version": "9.1",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "splunk_cloud_platform",
            "vendor": "splunk",
            "versions": [
              {
                "lessThan": "9.2.2403.107",
                "status": "affected",
                "version": "9.2.2403",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.2312.204",
                "status": "affected",
                "version": "9.1.2312",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.2312.111",
                "status": "affected",
                "version": "9.1.2312",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45736",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T16:36:03.459233Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T16:40:23.384Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Splunk Enterprise",
          "vendor": "Splunk",
          "versions": [
            {
              "lessThan": "9.3.1",
              "status": "affected",
              "version": "9.3",
              "versionType": "custom"
            },
            {
              "lessThan": "9.2.3",
              "status": "affected",
              "version": "9.2",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1.6",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Splunk Cloud Platform",
          "vendor": "Splunk",
          "versions": [
            {
              "lessThan": "9.2.2403.107",
              "status": "affected",
              "version": "9.2.2403",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1.2312.204",
              "status": "affected",
              "version": "9.1.2312",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1.2312.111",
              "status": "affected",
              "version": "9.1.2312",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Danylo\u00a0Dmytriiev (DDV_UA)"
        }
      ],
      "datePublic": "2024-10-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a search query with an improperly formatted  \"INGEST_EVAL\" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd)."
            }
          ],
          "value": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a search query with an improperly formatted  \"INGEST_EVAL\" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "The software does not properly control the allocation and maintenance of a limited resource thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-28T11:03:54.861Z",
        "orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
        "shortName": "Splunk"
      },
      "references": [
        {
          "url": "https://advisory.splunk.com/advisories/SVD-2024-1006"
        },
        {
          "url": "https://research.splunk.com/application/08978eca-caff-44c1-84dc-53f17def4e14/"
        }
      ],
      "source": {
        "advisory": "SVD-2024-1006"
      },
      "title": "Improperly Formatted \u2018INGEST_EVAL\u2019 Parameter Crashes Splunk Daemon"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
    "assignerShortName": "Splunk",
    "cveId": "CVE-2024-45736",
    "datePublished": "2024-10-14T17:03:34.828Z",
    "dateReserved": "2024-09-05T21:35:21.290Z",
    "dateUpdated": "2025-02-28T11:03:54.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design

Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.

Mitigation
Architecture and Design
  • Mitigation of resource exhaustion attacks requires that the target system either:
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
  • recognizes the attack and denies that user further access for a given amount of time, or
  • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Architecture and Design

Ensure that protocols have specific limits of scale placed on them.

Mitigation
Implementation

Ensure that all failures in resource allocation place the system into a safe posture.

CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.