CVE-2023-35767

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Helix Core versions prior to 2023.2

Description An unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. The issue was reported by Jason Geffner.

Recommendations For Helix Core versions prior to 2023.2, update to version 2023.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the shutdown function to prevent potential Denial of Service attacks.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2023-35767

Affected Products

Helix Core

CVE-2023-35767

Weakness Enumeration

Related Identifiers

Affected Products

References · 7