PT-2024-36059 · Unknown · Ion-Dtn Bpv7
Published
2024-12-05
·
Updated
2024-12-06
·
CVE-2024-54129
CVSS v4.0
9.2
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
ION-DTN BPv7 version 4.1.3
Description:
A vulnerability exists in the ION-DTN BPv7 implementation when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part (SSP) in their Previous Node Block. This can cause ION to become unresponsive.
Recommendations:
For ION-DTN BPv7 version 4.1.3, update to version 4.1.3s to resolve the issue. As a temporary workaround, consider restricting the handling of bundles with improper references to the imc scheme to minimize the risk of unresponsiveness.
Exploit
Fix
Improper Initialization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ion-Dtn Bpv7