Vulnerabilities > CVE-2024-24568

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

oisf

fedoraproject

NVD

Published: 2024-02-26

Updated: 2024-12-19

Summary

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

Vulnerable Configurations

Part	Description	Count
Application	Oisf Oisf Suricata 7.0.0 Oisf Suricata 7.0.1 Oisf Suricata 7.0.2	6
OS	Fedoraproject Fedoraproject Fedora 38 Fedoraproject Fedora 39	2

References

https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0
https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0
https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c
https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c
https://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
https://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/
https://redmine.openinfosecfoundation.org/issues/6717
https://redmine.openinfosecfoundation.org/issues/6717

Vulnerabilities > CVE-2024-24568 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-24568"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2024-24568