admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-471xx/CVE-2024-47187.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

118 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-47187",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-16T19:15:27.407",
"lastModified": "2024-10-22T13:48:59.893",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for \"thash\" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track traffic in rules."
},
{
"lang": "es",
"value": "Suricata es un sistema de detecci\u00f3n de intrusiones, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de red. Antes de la versi\u00f3n 7.0.7, la falta de inicializaci\u00f3n de la semilla aleatoria para \"thash\" provocaba que los conjuntos de datos tuvieran un comportamiento de tabla hash predecible. Esto puede provocar que la carga de archivos de conjuntos de datos utilice un tiempo excesivo para cargarse, as\u00ed como problemas de rendimiento en tiempo de ejecuci\u00f3n durante el manejo del tr\u00e1fico. Este problema se ha solucionado en la versi\u00f3n 7.0.7. Como workaround, evite cargar conjuntos de datos de fuentes no confiables. Evite las reglas de conjuntos de datos que rastrean el tr\u00e1fico en las reglas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.7",
"matchCriteriaId": "444932ED-FCA1-4C9B-90CE-C3EEFAAA9DB2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-64ww-4f6x-863p",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/7209",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink