Cerberus Enterprise Web Administration Vulnerable to Denial of Service Attacks
CVE-2024-5052

7.5HIGH

Key Information:

Vendor: Cerberus Ftp Enterprise
Status: Cerberus Ftp Enterprise
Vendor: CVE Published:; 17 May 2024

🔔 Create Cerberus Ftp Enterprise Vulnerability Alert

What is CVE-2024-5052?

The vulnerability arises from the Cerberus Enterprise 8.0.10.3 web administration interface when the server processes a significant volume of incomplete HTTP requests on the default port 10001. This situation can lead to a denial of service, potentially affecting the availability of the web administration functionality. It is essential for users to evaluate their configurations and implement measures to mitigate the risk posed by this vulnerability.

Affected Version(s)

Cerberus FTP Enterprise 8.0.10.3

References

https://www.incibe.es/en/incibe-cert/notices/aviso/resour...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2024
Vulnerability Reserved
May 17, 2024

Credit

Rafael Pedrero

CVE-2024-5052 Data

JSON