vulnrichment | @huntr_ai | VULNRICHMENT:CVE-2024-5979
Jun 27, 2024 - 6:40 p.m.

CVE-2024-5979 Denial of Service via Invalid Argument in h2oai/h2o-3

2024-06-27 18:40:07
CWE-400
@huntr_ai
github.com
cve-2024-5979
denial of service
h2oai/h2o-3
invalid argument
rapids component
mojoconverttool

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: poc
Automatable: no
Technical Impact: partial

In h2oai/h2o-3 version 3.46.0, the run_tool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of service.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:h2oai:h2oai\\/h2o-3:3.40.0.4:*:*:*:*:*:*:*"
    ],
    "vendor": "h2oai",
    "product": "h2oai\\/h2o-3",
    "versions": [
      {
        "status": "affected",
        "version": "3.46.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]
