exploitDog

CVE-2023-34061

Опубликовано: 12 янв. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.

Ссылки

https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning/
Vendor Advisory
https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pivotal:cloud_foundry_deployment:*:*:*:*:*:*:*:*

Версия от 0.28.0 (включая) до 33.5.0 (включая)

cpe:2.3:a:pivotal:cloud_foundry_routing_release:*:*:*:*:*:*:*:*

Версия от 0.163.0 (включая) до 0.283.0 (включая)

EPSS

Процентиль: 39%

0.00171

Низкий

7.5 High

CVSS3

Дефекты

CWE-400

CWE-400

Связанные уязвимости

GHSA-xr94-cv8c-7r6v

CVSS3: 7.5

github

около 2 лет назад

Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.

EPSS

Процентиль: 39%

0.00171

Низкий

7.5 High

CVSS3

Дефекты

CWE-400

CWE-400