CVE-2024-10345
Nov. 21, 2024, 8:48 a.m.
Tags
Product(s) Impacted
Helix Core
- before 2024.2
Description
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek.
Weaknesses
CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CWE ID: 400Date
Published: Nov. 11, 2024, 2:15 p.m.
Last Modified: Nov. 21, 2024, 8:48 a.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@puppet.com
References
https://portal.perforce.com/
security@puppet.com