Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-XJM6-JFMG-QC6P
HistoryMay 29, 2024 - 2:38 p.m.

Aimeos denial of service vulnerability in SaaS and marketplace setups

2024-05-2914:38:11
CWE-270
GitHub Advisory Database
github.com
7
aimeos
denial of service
vulnerability
saas
marketplace
upgrade
aimeos-core
lts
package

CVSS3

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%

JSON

Impact

All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack

Patches

Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core package

Affected configurations

Vulners
Node
aimeosaimeos-coreRange2022.04.12022.10.17
OR
aimeosaimeos-coreRange2023.04.12023.10.17
OR
aimeosaimeos-coreRange2024.04.12024.04.7
VendorProductVersionCPE
aimeosaimeos-core*cpe:2.3:a:aimeos:aimeos-core:*:*:*:*:*:*:*:*

Related

nvd 1
vulnrichment 1
cve 1
cvelist 1
osv 1
nvd
nvd
CVE-2024-37294
2024-06-11 15:16:09
vulnrichment
vulnrichment
CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups
2024-06-11 14:16:29
cve
cve
CVE-2024-37294
2024-06-11 15:16:09
cvelist
cvelist
CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups
2024-06-11 14:16:29
osv
osv
Aimeos denial of service vulnerability in SaaS and marketplace setups
2024-05-29 14:38:11

CVSS3

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for GHSA-XJM6-JFMG-QC6P
nvd1vulnrichment1cve1cvelist1osv1