CVE-2024-47187Use of Insufficiently Random Values in Suricata

CWE-330Use of Insufficiently Random ValuesCWE-327Use of a Broken or Risky Cryptographic Algorithm4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 81.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oisf Suricata
Timeline
PublishedOct 16

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid data

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5oisf/suricata< 7.0.7
NVDoisf/suricata< 7.0.7
Debianoisf/suricata< 1:7.0.7-1+1

🔴Vulnerability Details

2
OSV
CVE-2024-47187: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine2024-10-16
CVEList
Suricata datasets: missing hashtable random seed leads to potential DoS2024-10-16

📋Vendor Advisories

1
Debian
CVE-2024-47187: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...2024
CVE-2024-47187 — Use of Insufficiently Random Values | cvebase