Unauthenticated Remote Denial-of-Service (Commit) in Helix Core
CVE-2023-45319

7.5HIGH

Key Information:

Vendor: Helix
Status: Helix Core
Vendor: CVE Published:; 8 November 2023

Badges

📰 News Worthy

What is CVE-2023-45319?

A remote Denial of Service vulnerability has been discovered in Helix Core, allowing unauthenticated attackers to exploit the commit function. This could lead to service disruptions without requiring access to authentication credentials. Users of Helix Core prior to version 2023.2 should address this vulnerability to maintain the integrity and availability of their services.

Affected Version(s)

Helix Core 0.0.0 < 2023.2

Helix Core 0.0.0 < 2023.1 Patch 2

Helix Core 0.0.0 < 2022.2 Patch 3

News Articles

Dark Reading

CVE-2023-45849 CVE-2023-35767

Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover

The most critical of the bugs gives attackers privileged access to the local Windows system, paving the way for unauthenticated RCE and installing backdoors.

References

https://perforce.com

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Dark Reading
Dec 19, 2023
Vulnerability published
Nov 8, 2023
Vulnerability Reserved
Oct 24, 2023