Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-37151
HistoryJul 11, 2024 - 3:15 p.m.

CVE-2024-37151

2024-07-1115:15:11
Google
osv.dev
1
suricata
network security
fragmented packets
ip id
policy bypass
upgrade
software update
af-packet
defrag

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

22.2%

JSON

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable defrag to reduce the scope of the problem.

Related

nvd 1
ubuntucve 1
vulnrichment 1
debiancve 1
cvelist 1
cve 1
alpinelinux 1
nessus 2
mageia 1
openvas 1
photon 2
nvd
nvd
CVE-2024-37151
2024-07-11 15:15:11
ubuntucve
ubuntucve
CVE-2024-37151
2024-07-11 00:00:00
vulnrichment
vulnrichment
CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass
2024-07-11 14:39:32
debiancve
debiancve
CVE-2024-37151
2024-07-11 15:15:11
cvelist
cvelist
CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass
2024-07-11 14:39:32
cve
cve
CVE-2024-37151
2024-07-11 15:15:11
alpinelinux
alpinelinux
CVE-2024-37151
2024-07-11 15:15:11
nessus
nessus
Photon OS 4.0: Suricata PHSA-2024-4.0-0656
2024-07-24 00:00:00
Photon OS 5.0: Suricata PHSA-2024-5.0-0326
2024-07-24 00:00:00
mageia
mageia
Updated suricata packages fix security vulnerabilities
2024-09-17 05:41:21
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0306)
2024-09-17 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0656
2024-07-23 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0326
2024-07-23 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

22.2%

JSON
Related for OSV:CVE-2024-37151
nvd1ubuntucve1vulnrichment1debiancve1cvelist1cve1alpinelinux1nessus2mageia1openvas1photon2