CVE-2024-24568

medium

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

References

https://redmine.openinfosecfoundation.org/issues/6717

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/

https://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/

https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c

https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0

Details

Source: Mitre, NVD

Published: 2024-02-26

Updated: 2024-12-19

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00252