PT-2024-17325 · Ampps · Ampps
Fernando Mengali
+1
·
Published
2024-02-02
·
Updated
2024-05-17
·
CVE-2024-1189
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
AMPPS version 2.7
Description
A vulnerability has been found in the Encryption Passphrase Handler component, which can be exploited to cause a denial of service. The attack can be launched remotely. Upgrading to version 4.0 is able to address this issue.
Recommendations
For AMPPS version 2.7, upgrade to version 4.0 to address the issue. As a temporary workaround, consider restricting access to the Encryption Passphrase Handler component until the upgrade is applied.
Exploit
Fix
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ampps