CVE-2024-24568
published 2024-02-26CVE-2024-24568: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting…
PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
EPSS
0.64%
46.0th percentile
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | suricata | < suricata 1:7.0.3-1 (forky) | suricata 1:7.0.3-1 (forky) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| oisf | suricata | — | — |
| oisf | suricata | >= 0 < 1:7.0.3-1 | 1:7.0.3-1 |
| oisf | suricata | >= 0 < 1:7.0.3-1 | 1:7.0.3-1 |
| oisf | suricata | >= 7.0.0 < 7.0.3 | 7.0.3 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv5.3MEDIUM
vendor_debian5.3LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2024-24568: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...
vendor_debian·2024·CVSS 5.3
CVE-2024-24568 [MEDIUM] CVE-2024-24568: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved (fixed in 1:7.0.3-1)
sid: resolved (fixed in 1:7.0.3-1)
trixie: resolved (fixed in 1:7.0.3-1)
OSV
CVE-2024-24568: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine
osv·2024-02-26·CVSS 5.3
CVE-2024-24568 [MEDIUM] CVE-2024-24568: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8chttps://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/https://redmine.openinfosecfoundation.org/issues/6717https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8chttps://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/https://redmine.openinfosecfoundation.org/issues/6717
2024-02-26
Published