CVE-2024-7113Allocation of Resources Without Limits or Throttling in Application Server

CWE-770Allocation of Resources Without Limits or Throttling3 documents3 sources
Severity
8.7HIGHNVD
EPSS
0.1%
top 65.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Aveva Application ServerAveva Batch ManagementAveva Communication Drivers Pack+3 more
Timeline
PublishedAug 13

Description

If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages6 packages

CVEListV5aveva/suitelink_server3.7.0
CVEListV5aveva/application_server2023 R2 P01
CVEListV5aveva/intouch2023 R2 P01
CVEListV5aveva/historian2023 R2 P01
CVEListV5aveva/batch_management2023

🔴Vulnerability Details

2
CVEList
Allocation of Resources Without Limits or Throttling in AVEVA SuiteLink Server2024-08-13
GHSA
GHSA-jj5m-2m9j-hxjw: If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the dur2024-08-13
CVE-2024-7113 — Aveva Application Server vulnerability | cvebase