11 matches found
SUSE CVE-2024-12289
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-12289
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-1052
Boundary and Boundary Enterprise “Boundary” is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use TOFU token may craft a TLS...
GHSA-XX83-CXMQ-X89M Boundary Community Edition Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
Boundary Community Edition Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-12289
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-12289 Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
CVE-2024-12289
CVE-2024-12289 affects Boundary Community Edition and Boundary Enterprise. The issue occurs during initialization of the Boundary controller, where HTTP requests are mishandled and may cause the Boundary server to terminate prematurely. Fixed in Boundary 0.16.4, 0.17.3, and 0.18.2. Connected docu...
Boundary vulnerable to session hijacking through TLS certificate tampering
Boundary and Boundary Enterprise “Boundary” is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use TOFU token may craft a TLS...
CVE-2024-1052
Boundary and Boundary Enterprise “Boundary” is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use TOFU token may craft a TLS...
Session fixation
Boundary and Boundary Enterprise “Boundary” is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use TOFU token may craft a TLS...