Home > Vulnerability Database > CVE-2024-55629

Mend.io Vulnerability Database

CVE-2024-55629

Date: January 6, 2025

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.

Severity Score

7.5

Related Resources (7)

Url: https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8

Url: https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7

Url: https://redmine.openinfosecfoundation.org/issues/7411

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-55629

Url: https://security-tracker.debian.org/tracker/CVE-2024-55629

Url: https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2

Url: https://www.mend.io/vulnerability-database/CVE-2024-55629

Severity Score

7.5

Weakness Type (CWE)

Interpretation Conflict

CWE-436

Incomplete Model of Endpoint Features

CWE-437

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-55629

Date: January 6, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?