Vulnerabilities > CVE-2024-45796 - Off-by-one Error vulnerability in Oisf Suricata

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
oisf
CWE-193

Summary

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7.

Vulnerable Configurations

Part Description Count
Application
Oisf
155

Common Weakness Enumeration (CWE)