Lucene search

K

Veracode Vulnerability DatabaseVERACODE:44235

HistoryNov 12, 2023 - 6:41 p.m.

Denial Of Service (DoS)

2023-11-1218:41:45

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

squid

vulnerability

ftp url

dos

attack

service disruption

unresponsiveness

software

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.009

Percentile

82.8%

squid is vulnerable to Denial Of Service (DoS). In this context, a remote attacker could potentially perform a Denial of Service (DoS) attack by sending FTP URLs in HTTP Request messages or by constructing FTP URLs from FTP Native input. This type of attack might lead to service disruption or unresponsiveness.

References

access.redhat.com/errata/RHSA-2023:6266

access.redhat.com/errata/RHSA-2023:6268

access.redhat.com/errata/RHSA-2023:6748

access.redhat.com/security/cve/CVE-2023-46848

bugzilla.redhat.com/show_bug.cgi?id=2245919

github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w

security-tracker.debian.org/tracker/CVE-2023-46848

security.netapp.com/advisory/ntap-20231214-0005/

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.009

Percentile

82.8%

Related for VERACODE:44235

alpinelinux1 prion1 osv6 redhatcve1 debiancve1 ubuntucve1 nvd1 cvelist1 cve1 openvas6 photon2 redhat3 oraclelinux2 nessus14 almalinux2 rocky1 f51 mageia1 redos1 ubuntu1 rosalinux1 debian1