mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
25 lines
1.1 KiB
JSON
25 lines
1.1 KiB
JSON
{
|
|
"id": "CVE-2024-34235",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2025-01-22T15:15:12.900",
|
|
"lastModified": "2025-01-22T15:15:12.900",
|
|
"vulnStatus": "Received",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `Initial UE Message` missing a required `NAS_PDU` field to repeatedly crash the MME, resulting in denial of service."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Las versiones de Open5GS MME anteriores a la 2.6.4 contienen una afirmaci\u00f3n que se puede activar de forma remota a trav\u00e9s de un paquete ASN.1 mal formado a trav\u00e9s de la interfaz S1AP. Un atacante puede enviar un \u00abMensaje inicial de UE\u00bb sin un campo \u00abNAS_PDU\u00bb obligatorio para bloquear repetidamente el MME, lo que da como resultado la denegaci\u00f3n de servicio."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://cellularsecurity.org/ransacked",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |