CVE-2024-0316

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 15, 2024
Updated: Jan 19, 2024
CWE ID 460

Summary

CVE-2024-0316 is a newly identified vulnerability affecting FireEye Endpoint Security version 5.2.0.958244. The issue involves improper exception cleanup, allowing an attacker to overload the containment_notify/preview parameter with multiple request packets. This could ultimately result in a service outage, disrupting the normal functioning of the security solution.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • FireEye Endpoint Security

Affected Vendors

  • FireEye, Inc.