Home > Vulnerability Database > CVE-2024-2758

Mend.io Vulnerability Database

CVE-2024-2758

Date: April 3, 2024

Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.

Language: C

Severity Score

6.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-2758

Url: http://www.openwall.com/lists/oss-security/2024/04/03/16

Url: https://github.com/tempesta-tech/tempesta/security/advisories/GHSA-3xwj-5ch3-q9p4

Url: https://www.kb.cert.org/vuls/id/421644

Url: https://www.mend.io/vulnerability-database/CVE-2024-2758

Severity Score

6.3

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-2758

Date: April 3, 2024

Language: C

Severity Score

Related Resources (5)

Severity Score

CVSS v3.1

Do you need more information?