CVE-2024-12243

🗓️ 10 Feb 2025 15:28:10Reported by redhatType

Flaw in GnuTLS allows remote attackers to exploit inefficient processing, causing denial-of-service.

Reporter	Title	Published	Views	Family All 191
IBM Security Bulletins	Security Bulletin: Security vulnerabilities affect multiple packages shipped with IBM CICS TX Advanced.	28 Apr 202510:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	28 Aug 202521:17	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access	5 Jan 202600:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images	15 Jun 202513:39	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in RedHat UBI affects IBM Robotic Process Automation for Cloud Pak and may result in denial of service (CVE-2024-12243).	10 Dec 202513:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)	21 Oct 202514:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found in IBM TXSeries for Multiplatforms.	7 Jul 202514:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues	28 Aug 202521:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	30 Jun 202513:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	3 Jul 202510:30	–	ibm

Vulnrichment

Node

siemens simatic_s7-1500_cpu_1518-4_pn/dp_mfpRange≤3.1.5

siemens simatic_s7-1500_cpu_1518f-4_pn/dp_mfpRange≤3.1.5

siemens siplus_s7-1500_cpu_1518-4_pn/dp_mfpRange≤3.1.5

siemens ruggedcom_rox_mx5000Range≤0

siemens ruggedcom_rox_mx5000reRange≤0

siemens ruggedcom_rox_rx1400Range≤0

siemens ruggedcom_rox_rx1500Range≤0

siemens ruggedcom_rox_rx1501Range≤0

siemens ruggedcom_rox_rx1510Range≤0

siemens ruggedcom_rox_rx1511Range≤0

siemens ruggedcom_rox_rx1512Range≤0

siemens ruggedcom_rox_rx1524Range≤0

siemens ruggedcom_rox_rx1536Range≤0

siemens ruggedcom_rox_rx5000Range≤0

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "semver",
        "lessThanOrEqual": "3.6.16"
      },
      {
        "status": "affected",
        "version": "3.7.0",
        "versionType": "semver",
        "lessThanOrEqual": "3.7.11"
      },
      {
        "status": "affected",
        "version": "3.8.0",
        "lessThan": "3.8.8",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "3.8.9",
        "lessThan": "*",
        "versionType": "semver"
      }
    ],
    "packageName": "gnutls",
    "collectionURL": "https://gitlab.com/gnutls/gnutls/",
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.6.16-8.el8_10.3",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.6.16-8.el8_10.3",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.8.3-6.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.8.3-6.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.7.6-21.el9_2.4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_e4s:9.2::appstream",
      "cpe:/o:redhat:rhel_e4s:9.2::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:3.8.3-4.el9_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:rhel_eus:9.4::baseos",
      "cpe:/a:redhat:rhel_eus:9.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Discovery 1.14",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "discovery/discovery-server-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:discovery:1.14::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Discovery 1.14",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "discovery/discovery-ui-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:discovery:1.14::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "gnutls",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhcos",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2024-12243
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
gitlab	www.gitlab.com/gnutls/gnutls/-/issues/1553
access	www.access.redhat.com/errata/RHSA-2025:17361
access	www.access.redhat.com/errata/RHSA-2025:7076
access	www.access.redhat.com/errata/RHSA-2025:4051
access	www.access.redhat.com/errata/RHSA-2025:8385
gitlab	www.gitlab.com/gnutls/libtasn1/-/issues/52
access	www.access.redhat.com/errata/RHSA-2025:8020
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-202008.html

12 May 2026 12:16Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.15.3

EPSS0.01227

SSVC

CWE-407

cve-2024-12243 gnutls libtasn1 denial-of-service certificate processing