CVE-2024-6227

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.
Configurations

Configuration 1 (hide)

cpe:2.3:a:aimstack:aim:3.19.3:*:*:*:*:*:*:*

History

21 Nov 2024, 09:49

Type Values Removed Values Added
References () https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a - Exploit () https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a - Exploit

30 Aug 2024, 16:15

Type Values Removed Values Added
Summary (en) A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause a denial of service by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections. (en) A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.
CWE CWE-400

07 Aug 2024, 12:26

Type Values Removed Values Added
References () https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a - () https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a - Exploit
CWE CWE-835
CPE cpe:2.3:a:aimstack:aim:3.19.3:*:*:*:*:*:*:*
First Time Aimstack aim
Aimstack

09 Jul 2024, 18:19

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad en aimhubio/aim versión 3.19.3 permite a un atacante provocar una denegación de servicio configurando el servidor de seguimiento remoto para que apunte a sí mismo. Esto da como resultado que el servidor se conecte interminablemente consigo mismo, lo que le impide responder a otras conexiones.

08 Jul 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-08 19:15

Updated : 2024-11-21 09:49


NVD link : CVE-2024-6227

Mitre link : CVE-2024-6227

CVE.ORG link : CVE-2024-6227


JSON object : View

Products Affected

aimstack

  • aim
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')