CVE-2024-20344
CVSS V2 None
CVSS V3 None
Description
A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric Interconnects that are in Intersight Managed Mode (IMM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the Device Console UI of an affected device.
This vulnerability is due to insufficient rate-limiting of TCP connections to an affected device. An attacker could exploit this vulnerability by sending a high number of TCP packets to the Device Console UI. A successful exploit could allow an attacker to cause the Device Console UI process to crash, resulting in a DoS condition. A manual reload of the fabric interconnect is needed to restore complete functionality.
Overview
- CVE ID
- CVE-2024-20344
- Assigner
- cisco
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-28T16:16:03.042Z
- Last Modified Date
- 2024-02-28T16:16:03.042Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsfi-imm-syn-p6kZTDQC |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-20344 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20344 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 04:43:31 | Added to TrackCVE |