CVE-2024-10344

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wi?sek.

CVSS

No CVSS.

References

Link	Resource
https://portal.perforce.com/s/detail/a91PA000001SZOrYAO

Configurations

No configuration.

History

12 Nov 2024, 13:55

Type	Values Removed	Values Added
Summary		(es) En versiones de Helix Core anteriores a 2024.2, se identificó una denegación de servicio (DoS) remota no autenticada a través de la función de rechazo. Informado por Karol Wi?sek.
Summary	~~(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek.~~	(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wi?sek.

11 Nov 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-11 14:15

Updated : 2024-11-12 13:55

NVD link : CVE-2024-10344

Mitre link : CVE-2024-10344

CVE.ORG link : CVE-2024-10344

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2024-10344", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@puppet.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 8.7, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-11-11T14:15:14.453", "references": [{"url": "https://portal.perforce.com/s/detail/a91PA000001SZOrYAO", "source": "security@puppet.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@puppet.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wi?sek."}, {"lang": "es", "value": "En versiones de Helix Core anteriores a 2024.2, se identific\u00f3 una denegaci\u00f3n de servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n de rechazo. Informado por Karol Wi?sek."}], "lastModified": "2024-11-12T13:55:21.227", "sourceIdentifier": "security@puppet.com"}