Lucene search

K
cve[email protected]CVE-2024-34905
HistoryMay 16, 2024 - 3:15 p.m.

CVE-2024-34905

2024-05-1615:15:47
CWE-120
web.nvd.nist.gov
33
flyfish buffer overflow
login page
dos attack
cve-2024-34905

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0 Low

EPSS

Percentile

0.0%

FlyFish v3.0.0 was discovered to contain a buffer overflow via the password parameter on the login page. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Affected configurations

NVD
Node
cloudwiseflyfishMatch3.0.0

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0 Low

EPSS

Percentile

0.0%

Related for CVE-2024-34905