Lucene search

K

RedosROS-20240521-02

HistoryMay 21, 2024 - 12:00 a.m.

ROS-20240521-02

2024-05-2100:00:00

redos.red-soft.ru

1

squid

proxy server

vulnerability

remote attackers

denial of service

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

7.2 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

Vulnerability in HTTP Digest Authentication handler of Squid proxy server is related to
uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other impact.
remotely to cause a denial of service or other impact

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64squid<= 6.5-1UNKNOWN

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

7.2 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

Related for ROS-20240521-02

prion1 veracode2 nessus36 openvas10 redhat14 amazon2 cvelist1 cloudlinux2 nvd1 debiancve1 ubuntucve1 alpinelinux1 osv12 centos1 oraclelinux7 redhatcve1 cve1 ubuntu2 almalinux4 rocky3 f51 photon3 mageia1 redos1 debian2