PT-2025-7888 · Unknown · O-Ran Near Realtime Ric
Published
2025-02-25
·
Updated
2025-02-25
·
CVE-2024-34035
CVSS v3.1
5.7
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
O-RAN Near Realtime RIC H-Release
Description
An issue was discovered that allows an adversary to crash the e2mgr by flooding the system with a significant quantity of E2 Subscription Requests originating from an xApp.
Recommendations
For O-RAN Near Realtime RIC H-Release, as a temporary workaround, consider implementing rate limiting on E2 Subscription Requests to minimize the risk of exploitation.
Fix
Resource Exhaustion
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
O-Ran Near Realtime Ric