Lucene search

K
cvelistDIVDCVELIST:CVE-2024-21875
HistoryFeb 11, 2024 - 8:37 a.m.

CVE-2024-21875 DoS attack when broadcasting billboard messages

2024-02-1108:37:10
CWE-770
DIVD
www.cve.org
cve-2024-21875
dos attack
resource allocation
throttling vulnerability
hacker hotel badge
flooding

5.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.0%

Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "billboard"
    ],
    "platforms": [
      "risc-v"
    ],
    "product": "Hacker Hotel Badge 2024",
    "repo": "https://github.com/badgeteam/hackerhotel-2024-firmware-esp32c6",
    "vendor": "Badge.team",
    "versions": [
      {
        "lessThanOrEqual": "0.1.3",
        "status": "affected",
        "version": "0.1.0",
        "versionType": "semver"
      }
    ]
  }
]

5.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.0%

Related for CVELIST:CVE-2024-21875