// For flags

CVE-2023-29487

 

Severity Score

9.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module.

Se descubrió un problema en las versiones 3.4.2 y anteriores del agente Heimdal Thor en Windows y 2.6.9 y anteriores en macOS, que permite a los atacantes provocar una denegación de servicio (DoS) a través del módulo de prevención de amenazas Threat To Process Correlation.

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module. NOTE: Heimdal asserts this is not a valid vulnerability. Their DNS Security for Endpoint solution includes an optional feature to provide extra information on the originating process that made a DNS request. The lack of process identification in DNS logs is therefore falsely categorized as a DoS issue.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-04-07 CVE Reserved
  • 2023-12-21 CVE Published
  • 2024-01-05 EPSS Updated
  • 2024-09-25 CVE Updated
  • 2024-09-25 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-1333: Inefficient Regular Expression Complexity
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Heimdalsecurity
Search vendor "Heimdalsecurity"
 Thor
Search vendor "Heimdalsecurity" for product "Thor"
 <= 3.5.3
Search vendor "Heimdalsecurity" for product "Thor" and version " <= 3.5.3"
-
Affected
in Microsoft
Search vendor "Microsoft"
 Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Heimdalsecurity
Search vendor "Heimdalsecurity"
 Thor
Search vendor "Heimdalsecurity" for product "Thor"
 <= 2.6.9
Search vendor "Heimdalsecurity" for product "Thor" and version " <= 2.6.9"
-
Affected
in Apple
Search vendor "Apple"
 Macos
Search vendor "Apple" for product "Macos"
--
Safe