Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:45863
HistoryMar 14, 2024 - 7:36 a.m.

Denial Of Service (DoS)

2024-03-1407:36:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
microsoft
quic
denial of service
vulnerability
memory consumption
.net
web servers
windows

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Microsoft QUIC is vulnerable to Denial Of Service (DoS). The vulnerability is caused by holding onto failed connections, leading to continuous memory consumption until exhaustion, resulting in Denial of Service. Note that this vulnerability is not exploitable on .NET-based web servers running on Windows.

Related

vulnrichment 1
cve 1
alpinelinux 1
osv 3
github 1
prion 1
nvd 1
ubuntucve 1
mscve 1
cvelist 1
mskb 7
nessus 6
openvas 3
kaspersky 2
rapid7blog 1
vulnrichment
vulnrichment
CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability
2024-03-12 16:57:52
cve
cve
CVE-2024-26190
2024-03-12 17:15:57
alpinelinux
alpinelinux
CVE-2024-26190
2024-03-12 17:15:57
osv
osv
BIT-dotnet-2024-26190
2024-06-04 09:39:22
Remote Denial of Service Vulnerability in Microsoft QUIC
2024-03-13 17:14:43
BIT-dotnet-sdk-2024-26190
2024-06-04 09:39:18
github
github
Remote Denial of Service Vulnerability in Microsoft QUIC
2024-03-13 17:14:43
prion
prion
Denial of service
2024-03-12 17:15:00
nvd
nvd
CVE-2024-26190
2024-03-12 17:15:57
ubuntucve
ubuntucve
CVE-2024-26190
2024-03-12 00:00:00
mscve
mscve
Microsoft QUIC Denial of Service Vulnerability
2024-03-12 07:00:00
cvelist
cvelist
CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability
2024-03-12 16:57:52
mskb
mskb
.NET 8.0 Update - March 12, 2024 (KB5036452)
2024-03-12 07:00:00
.NET 7.0 Update - March 12, 2024 (KB5036451)
2024-03-12 07:00:00
March 12, 2024—KB5035856 (OS Build 25398.763)
2024-03-12 07:00:00
nessus
nessus
Security Update for Microsoft .NET Core SDK (March 2024)
2024-03-13 00:00:00
Security Updates for Microsoft Visual Studio Products (March 2024)
2024-03-12 00:00:00
KB5035856: Windows 11 version 22H2 / Windows Server version 23H2 Security Update (March 2024)
2024-03-12 00:00:00
openvas
openvas
.NET Core Multiple Denial of Service Vulnerabilities (KB5036452)
2024-03-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5035854)
2024-03-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5035853)
2024-03-13 00:00:00
kaspersky
kaspersky
KLA65128 Multiple vulnerabilities in Microsoft Developer Tools
2024-03-12 00:00:00
KLA65126 Multiple vulnerabilities in Microsoft Windows
2024-03-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON
Related for VERACODE:45863
vulnrichment1cve1alpinelinux1osv3github1prion1nvd1ubuntucve1mscve1cvelist1mskb7nessus6openvas3kaspersky2rapid7blog1