Home > Vulnerability Database > CVE-2024-28870

Mend.io Vulnerability Database

CVE-2024-28870

Date: April 3, 2024

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert records. This issue has been patched in versions 6.0.17 and 7.0.4.

Language: RUST

Severity Score

7.5

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-28870

Url: https://github.com/OISF/suricata/security/advisories/GHSA-mhhx-xw7r-r5c8

Url: https://security-tracker.debian.org/tracker/CVE-2024-28870

Url: https://www.mend.io/vulnerability-database/CVE-2024-28870

Severity Score

7.5

Weakness Type (CWE)

Allocation of Resources Without Limits or Throttling

CWE-770

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-28870

Date: April 3, 2024

Language: RUST

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?