Lucene search

5d1c2695-1a31-4499-88ae-e847036fd7e3NVD:CVE-2024-6594

HistorySep 25, 2024 - 12:15 p.m.

CVE-2024-6594

2024-09-2512:15:05

CWE-755

5d1c2695-1a31-4499-88ae-e847036fd7e3

web.nvd.nist.gov

watchguard single sign-on client

windows

vulnerability

denial of service

malformed commands

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.6%

JSON

Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.

This issue affects Single Sign-On Client: through 12.7.

Affected configurations

Nvd

Node

watchguardsingle_sign-on_clientRange≤12.7windows

VendorProductVersionCPE
watchguardsingle_sign-on_client*cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
watchguard	single_sign-on_client	*	cpe:2.3:a:watchguard:single_sign-on_client::::::windows::*

References

www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.6%

JSON

Related for NVD:CVE-2024-6594