Lucene search
K

6 matches found

F5 Networks
F5 Networks
added 2025/02/28 7:47 p.m.29 views

K000150185: TCP/IP protocol vulnerabilities CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, and CVE-2025-23019

Security Advisory Description CVE-2024-7595 GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected...

6.5CVSS5.6AI score0.01552EPSS
Exploits0
NVD
NVD
added 2025/02/05 6:15 p.m.35 views

CVE-2024-7596

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

6.5CVSS0.00845EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/05 5:37 p.m.20 views

CVE-2024-7596 Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

0.00845EPSS
Exploits0References2
CVE
CVE
added 2025/02/05 5:37 p.m.86 views

CVE-2024-7596

CVE-2024-7596 / CVE-2025-23018 (and related CVEs) involve tunneling protocols that do not validate the source of a network packet. Specifically: The GRE/GRE6 (CVE-2024-7595) and Propose d Generic UDP Encapsulation (GUE) (CVE-2024-7596) cases describe lack of source verification in encapsulated tr...

6.5CVSS6.5AI score0.00845EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/05 5:37 p.m.12 views

CVE-2024-7596 Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

6.5AI score0.00845EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/01/16 2:26 p.m.26 views

CVE-2024-7596

An insecure configuration flaw was found in the Generic UDP Encapsulation Protocol. When configured to not require authentication or filtering, this issue could allow a remote unauthenticated attacker to spoof packets or bypass access controls. Mitigation See references section for detailed...

5.4CVSS7.1AI score0.00845EPSS
Exploits0References6
Rows per page
Query Builder