Remote Denial of Service Vulnerability in Password Change Function
CVE-2024-42849

Currently unrated

Key Information:

Vendor: Silverpeas
Status: Silverpeas
Vendor: CVE Published:; 16 August 2024

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 11%

What is CVE-2024-42849?

An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-42849
Created by njmbb8

References

http://silverpeas.com

https://github.com/njmbb8/CVE-2024-42849/tree/main

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 16, 2024
👾
Exploit known to exist
Aug 16, 2024
Vulnerability published
Aug 16, 2024

JSON