CVE-2024-28870Allocation of Resources Without Limits or Throttling in Suricata

CWE-770Allocation of Resources Without Limits or Throttling4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 35.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oisf Suricata
Timeline
PublishedApr 3

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert records. This issue has been patched in versions 6.0.17 and 7.0.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDoisf/suricata7.0.07.0.4+1
Debianoisf/suricata< 1:7.0.4-1+1
CVEListV5oisf/suricata6.0.16+1

🔴Vulnerability Details

2
CVEList
Suricata uses excessive resource use in malformed ssh traffic parsing2024-04-03
OSV
CVE-2024-28870: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Sur2024-04-03

📋Vendor Advisories

1
Debian
CVE-2024-28870: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...2024
CVE-2024-28870 — Oisf Suricata vulnerability | cvebase