CVE-2024-47187
HIGHDescription
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track traffic in rules.
Is your site exposed to CVE-2024-47187?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| oisf | suricata |
References
Frequently Asked Questions
What is CVE-2024-47187? +
How severe is CVE-2024-47187? +
What products are affected by CVE-2024-47187? +
How do I check if I'm vulnerable to CVE-2024-47187? +
Related Vulnerabilities
Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to …
Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform …
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files …
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability …
AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.75, AdGuard Home's client-triggered DoQ forwarding path …
The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and …