Description
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.
Reserved 2024-08-13 | Published 2024-09-10 | Updated 2024-09-10 | Assigner
CERTVDEMEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Problem types
CWE-770 Allocation of Resources Without Limits or Throttling
Product status
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 10.4.1
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
Default status
unaffected
Any version before 8.9.3
affected
References
cert.vde.com/en/advisories/VDE-2024-052
cve.org (CVE-2024-7734)
nvd.nist.gov (CVE-2024-7734)
Download JSON
Subscribe to our newsletter to learn more about our work.