Resource Consumption Vulnerability in INW Krbyyyzo Daily Huddle Site
CVE-2024-12345

6.7MEDIUM

Key Information:

Vendor: Inw
Status: Krbyyyzo
Vendor: CVE Published:; 27 January 2025

What is CVE-2024-12345?

A resource consumption vulnerability has been identified in the Daily Huddle Site component of INW Krbyyyzo version 25.2002. The issue resides in the file /gbo.aspx, where improper handling of the argument 's' can lead to excessive resource use. This vulnerability could be exploited locally, potentially affecting other endpoints as well. Users of this software should be aware of this risk and consider applying appropriate mitigations to secure their environments.

Affected Version(s)

Krbyyyzo 25.2002

References

https://vuldb.com/?id.293509

vdb-entrytechnical-description

https://vuldb.com/?ctiid.293509

signaturepermissions-required

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Dec 8, 2024

CVE-2024-12345 Data

JSON

Inw

What is CVE-2024-12345?

Affected Version(s)

References

CVSS V4

Timeline