CVE-2024-45863

A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.facebook.com/security/advisories/cve-2024-45863

Configurations

No configuration.

History

30 Sep 2024, 12:45

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de desreferencia nula que implica el análisis de solicitudes que especifican protocolos no válidos puede provocar que la aplicación se bloquee o potencialmente tener otros efectos no deseados. Este problema afecta a Facebook Thrift desde la versión v2024.09.09.00 hasta la v2024.09.23.00.

27 Sep 2024, 15:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3

27 Sep 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-27 14:15

Updated : 2024-09-30 12:45

NVD link : CVE-2024-45863

Mitre link : CVE-2024-45863

CVE.ORG link : CVE-2024-45863

JSON object : View

Products Affected

No product.

CWE

No CWE.

5.3 /10