CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service (DoS) attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component.

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 4.7

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/fklement/3a43dbb9fb361dddd8db7703080ade0f
https://gitlab.eurecom.fr/mosaic5g/flexric/-/tags/v2.0.0

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se descubrió un problema en FlexRIC 2.0.0. Se bloquea durante un ataque de denegación de servicio (DoS) de solicitud de suscripción, desencadenado por un error de aserción. Un atacante debe enviar una gran cantidad de solicitudes de suscripción E42 al componente RIC Near-RT.

25 Feb 2025, 20:15

Type	Values Removed	Values Added
CWE		CWE-617
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.7

25 Feb 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-25 15:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-34034

Mitre link : CVE-2024-34034

CVE.ORG link : CVE-2024-34034

JSON object : View

Products Affected

No product.

CWE

CWE-617

Reachable Assertion

5.7 /10