PT-2024-34296 · Unknown · Cerberus Enterprise

Rafael Pedrero

Published

2024-05-17

Updated

2024-05-18

CVE-2024-5052

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Cerberus Enterprise version 8.0.10.3

Description: A Denial of Service (DoS) issue exists in the web administration of Cerberus Enterprise. This occurs when the web server, which uses default port 10001, attempts to process a large number of incomplete HTTP requests.

Recommendations: For Cerberus Enterprise version 8.0.10.3, consider restricting access to the web administration interface on port 10001 to minimize the risk of exploitation until a patch is available.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2024-5052

Affected Products

Cerberus Enterprise

PT-2024-34296 · Unknown · Cerberus Enterprise

CVE-2024-5052

Weakness Enumeration

Related Identifiers

Affected Products

References · 5