CVE-2024-55628
March 31, 2025, 1:02 p.m.
7.5
High
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Oisf |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
CWE-405
Asymmetric Resource Consumption (Amplification)
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | oisf | suricata | / | / | / | / | / | / | / | / |
References
Tags
CVSS Score
CVSS Data - 3.1
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: NONE
- Scope: UNCHANGED
- Confidentiality Impact: NONE
- Integrity Impact: NONE
- Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Timeline
Published: Jan. 6, 2025, 6:15 p.m.
Last Modified: March 31, 2025, 1:02 p.m.
Last Modified: March 31, 2025, 1:02 p.m.
Status : Analyzed
CVE has had analysis completed and all data associations made.
More infoSource
security-advisories@github.com
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.