CVE-2024-10344: Unauthenticated Denial of Service via Refuse Function

8.7 CVSS

Description

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek.

Classification

CVE ID: CVE-2024-10344

CVSS Base Severity: HIGH

CVSS Base Score: 8.7

Affected Products

Vendor: Helix

Product: Helix Core

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://portal.perforce.com/s/detail/a91PA000001SZOrYAO

Timeline

2024-11-27 14:41:47 UTC
CVE

Unauthenticated Denial of Service via Refuse Function