PT-2024-16204 · Perforce · Helix Core
Published
2024-11-11
·
Updated
2024-11-12
·
CVE-2024-10344
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Helix Core versions prior to 2024.2
Description
An unauthenticated remote Denial of Service (DoS) was identified via the
refuse function. This issue was reported by Karol Więsek.Recommendations
For Helix Core versions prior to 2024.2, update to version 2024.2 or later to resolve the issue. As a temporary workaround, consider disabling the
refuse function until a patch is available.Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Helix Core