CVE-2024-38068

Description

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

Reserved 2024-06-11 | Published 2024-07-09 | Updated 2024-12-10 | Assigner microsoft

Problem types

CWE-400: Uncontrolled Resource Consumption

Product status

10.0.0 before 10.0.17763.6054
affected

10.0.0 before 10.0.17763.6054
affected

10.0.0 before 10.0.17763.6054
affected

10.0.0 before 10.0.20348.2582
affected

10.0.0 before 10.0.22000.3079
affected

10.0.0 before 10.0.19044.4651
affected

10.0.0 before 10.0.22621.3880
affected

10.0.0 before 10.0.19045.4651
affected

10.0.0 before 10.0.22631.3880
affected

10.0.0 before 10.0.22631.3880
affected

10.0.0 before 10.0.25398.1009
affected

10.0.0 before 10.0.10240.20710
affected

10.0.0 before 10.0.14393.7159
affected

10.0.0 before 10.0.14393.7159
affected

10.0.0 before 10.0.14393.7159
affected

6.0.0 before 6.0.6003.22769
affected

6.0.0 before 6.0.6003.22769
affected

6.0.0 before 6.0.6003.22769
affected

6.1.0 before 6.1.7601.27219
affected

6.0.0 before 6.1.7601.27219
affected

6.2.0 before 6.2.9200.24975
affected

6.2.0 before 6.2.9200.24975
affected

6.3.0 before 6.3.9600.22074
affected

6.3.0 before 6.3.9600.22074
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38068 (Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability) vendor-advisory

cve.org (CVE-2024-38068)

nvd.nist.gov (CVE-2024-38068)

Download JSON