CVE-2024-5422
Denial of Service
Severity Score
7.1
*CVSS v4
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows DoS via HTTP.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
Un consumo incontrolado de recursos de descriptores de archivos en SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 permite DoS a través de HTTP. Este problema afecta a utnserver Pro, utnserver ProMAX, INU-100 versión 20.1.22 y versiones anteriores.
SEH utnserver Pro/ProMAX and INU-100 version 20.1.22 suffers from cross site scripting, denial of service, and file disclosure vulnerabilities.
*Credits:
T. Weber
CVSS Scores
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
System
Vulnerable | Subsequent
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-05-27 CVE Reserved
- 2024-06-04 CVE Published
- 2024-06-06 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
- CAPEC-469: HTTP DoS
References (2)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2024/Jun/4 |
|
|
| https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| SEH Computertechnik Search vendor "SEH Computertechnik" | Utnserver Pro Search vendor "SEH Computertechnik" for product "Utnserver Pro" | <= 20.1.22 Search vendor "SEH Computertechnik" for product "Utnserver Pro" and version " <= 20.1.22" | en |
Affected
| ||||||
| SEH Computertechnik Search vendor "SEH Computertechnik" | Utnserver ProMAX Search vendor "SEH Computertechnik" for product "Utnserver ProMAX" | <= 20.1.22 Search vendor "SEH Computertechnik" for product "Utnserver ProMAX" and version " <= 20.1.22" | en |
Affected
| ||||||
| SEH Computertechnik Search vendor "SEH Computertechnik" | INU-100 Search vendor "SEH Computertechnik" for product "INU-100" | <= 20.1.22 Search vendor "SEH Computertechnik" for product "INU-100" and version " <= 20.1.22" | en |
Affected
| ||||||