Vulnerability in OISF Suricata
CVE-2024-37151
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can l…
EPSS: 0.006 (45.2th percentile)
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.
Affected products
- OISF Suricata — versions >= 6.0.0, < 6.0.20 and >= 7.0.0, < 7.0.6
Weakness classification (CWE)
Public proof-of-concept exploits
Frequently asked questions
- What is CVE-2024-37151?
- CVE-2024-37151 is a medium-severity vulnerability in OISF Suricata, classified under Improper Check for Unusual or Exceptional Conditions. CVSS score: 5.3/10. Published 2024-07-11.
- How severe is CVE-2024-37151?
- Medium severity. CVSS v3 base score is 5.3 out of 10.
- Is CVE-2024-37151 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.