An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module. NOTE: Heimdal asserts this is not a valid vulnerability. Their DNS Security for Endpoint solution includes an optional feature to provide extra information on the originating process that made a DNS request. The lack of process identification in DNS logs is therefore falsely categorized as a DoS issue.
References
Link | Resource |
---|---|
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 | Exploit Third Party Advisory |
https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 07:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory |
25 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module. NOTE: Heimdal asserts this is not a valid vulnerability. Their DNS Security for Endpoint solution includes an optional feature to provide extra information on the originating process that made a DNS request. The lack of process identification in DNS logs is therefore falsely categorized as a DoS issue. |
04 Jan 2024, 14:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://medium.com/%40drabek.a/weaknesses-in-heimdal-thors-line-of-products-9d0e5095fb93 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:heimdalsecurity:thor:*:*:*:*:*:*:*:* |
|
CWE | CWE-1333 | |
First Time |
Heimdalsecurity thor
Apple Heimdalsecurity Microsoft windows Apple macos Microsoft |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
21 Dec 2023, 02:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-21 01:15
Updated : 2024-11-21 07:57
NVD link : CVE-2023-29487
Mitre link : CVE-2023-29487
CVE.ORG link : CVE-2023-29487
JSON object : View
Products Affected
heimdalsecurity
- thor
microsoft
- windows
apple
- macos
CWE
CWE-1333
Inefficient Regular Expression Complexity