Lucene search

[email protected]CVE-2023-29487

HistoryDec 21, 2023 - 1:15 a.m.

CVE-2023-29487

2023-12-2101:15:32

CWE-1333

[email protected]

web.nvd.nist.gov

cve-2023

heimdal

thor agent

dos

threat prevention

windows

macos

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.8%

JSON

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module.

Affected configurations

NVD

Node

heimdalsecuritythorRange≤3.5.3

AND

microsoftwindowsMatch-

Node

heimdalsecuritythorRange≤2.6.9

AND

applemacosMatch-

CPENameOperatorVersion
heimdalsecurity:thorheimdalsecurity thorle3.5.3

CPE	Name	Operator	Version
heimdalsecurity:thor	heimdalsecurity thor	le	3.5.3

References

medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.8%

JSON

Related for CVE-2023-29487

prion1 nvd1 ubuntucve1 cvelist1