CVE-2024-3772 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-3772 PUBLISHED CVSS 8.699999809265137 HIGH

Es besteht eine Schwachstelle in IBM App Connect Enterprise. Dieser Fehler besteht in der Komponente Pydantic aufgrund einer unsachgemäßen Eingabevalidierung. Durch Senden einer speziell gestalteten E-Mail-Zeichenfolge kann ein entfernter, anonymer Angreifer eine Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

EPSS 0.28% · 51.2th percentile

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.28%

51.2th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux Update Infrastructure 4
Red Hat	Red Hat Satellite 6.15
Gentoo	Gentoo Linux
Debian	Debian Linux
Dell	Dell PowerProtect Data Domain <8.4.0.0
IBM	IBM App Connect Enterprise LTS <5.0.14
Dell	Dell PowerProtect Data Domain <8.3.1.10
Fedora	Fedora Linux
Red Hat	Red Hat Ansible Automation Platform <2.4
SUSE	SUSE Linux
Dell	Dell PowerProtect Data Domain <7.10.1.70
Oracle	Oracle Linux
IBM	IBM App Connect Enterprise <11.2.0
Dell	Dell PowerProtect Data Domain <7.13.1.40
Red Hat	Red Hat Enterprise Linux
Amazon	Amazon Linux 2
RESF	RESF Rocky Linux

Timeline

Jan 20, 1970 Fix PR Merged
Apr 15, 2024 CVE Published
Apr 15, 2024 EPSS Score
May 9, 2024 EPSS Score
Jun 3, 2024 EPSS Score
Jun 27, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 15, 2024 EPSS Score
Sep 8, 2024 EPSS Score
Oct 3, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Nov 21, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1328.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1328 advisory
https://access.redhat.com/errata/RHSA-2024:3781 advisory
https://access.redhat.com/errata/RHSA-2024:3820 advisory
https://access.redhat.com/errata/RHSA-2024:3713 advisory
https://access.redhat.com/errata/RHSA-2024:3811 advisory
https://access.redhat.com/errata/RHSA-2024:3795 advisory
https://linux.oracle.com/errata/ELSA-2024-3820.html advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f52b6219ca advisory
https://errata.build.resf.org/RLSA-2024:3820 advisory
https://lists.suse.com/pipermail/sle-security-updates/2024-June/018734.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2024-June/018806.html advisory
https://alas.aws.amazon.com/AL2023/ALAS-2024-644.html advisory
https://alas.aws.amazon.com/AL2023/ALAS-2024-645.html advisory
https://access.redhat.com/errata/RHSA-2024:4231 advisory
https://access.redhat.com/errata/RHSA-2024:4227 advisory
https://linux.oracle.com/errata/ELSA-2024-4227.html advisory
https://linux.oracle.com/errata/ELSA-2024-4231.html advisory
https://access.redhat.com/errata/RHSA-2024:4404 advisory
https://access.redhat.com/errata/RHSA-2024:4414 advisory

…and 34 more

Open in Interactive Console →