CVE-2024-10345

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek.

CVSS

No CVSS.

References

Link	Resource
https://portal.perforce.com/s/detail/a91PA000001SZQTYA4

Configurations

No configuration.

History

21 Nov 2024, 08:48

Type	Values Removed	Values Added
Summary	~~(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi?sek.~~	(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek.

12 Nov 2024, 13:55

Type	Values Removed	Values Added
Summary		(es) En versiones de Helix Core anteriores a 2024.2, se identificó una denegación de servicio (DoS) remota no autenticada a través de la función de apagado. Informado por Karol Wi?sek.
Summary	~~(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek.~~	(en) In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi?sek.

11 Nov 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-11 14:15

Updated : 2024-11-21 08:48

NVD link : CVE-2024-10345

Mitre link : CVE-2024-10345

CVE.ORG link : CVE-2024-10345

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2024-10345", "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@puppet.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 8.7, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-11-11T14:15:14.563", "references": [{"url": "https://portal.perforce.com/s/detail/a91PA000001SZQTYA4", "source": "security@puppet.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@puppet.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi\u0119sek."}, {"lang": "es", "value": "En versiones de Helix Core anteriores a 2024.2, se identific\u00f3 una denegaci\u00f3n de servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n de apagado. Informado por Karol Wi?sek."}], "lastModified": "2024-11-21T08:48:25.993", "sourceIdentifier": "security@puppet.com"}