Boundary Vulnerability May Cause Premature Server Termination
CVE-2024-12289
5.9MEDIUM
Key Information:
- Vendor
Hashicorp
- Vendor
- CVE Published:
- 12 December 2024
What is CVE-2024-12289?
During the initialization of the Boundary controller, Boundary Community Edition and Boundary Enterprise exhibit improper handling of HTTP requests. This flaw can lead to premature termination of the Boundary server, occurring within milliseconds during the startup process. Effective patches have been introduced in versions 0.16.4, 0.17.3, and 0.18.2 to address this issue, mitigating potential denial of service scenarios. Organizations using affected versions are encouraged to upgrade promptly to maintain operational stability and security.
Affected Version(s)
Boundary 64 bit 0.8.0 < 0.18.2
Boundary Enterprise 64 bit 0.8.0 < 0.18.2