Denial of Service Vulnerability in Open5GS by Open5GS Community
CVE-2024-57519

7.5HIGH

Key Information:

Vendor: Open5GS Community
Status: Open5GS
Vendor: CVE Published:; 28 January 2025

🔔 Create Open5GS Community Vulnerability Alert

What is CVE-2024-57519?

An issue in Open5GS version 2.7.2 allows a remote attacker to exploit a flaw in the ogs_dbi_auth_info function located in the lib/dbi/subscription.c file. This exploitation can lead to a denial of service condition, adversely affecting the availability of network services. Such vulnerabilities underline the importance of immediate updates and vigilance in monitoring system integrity to mitigate potential threats.

References

https://github.com/open5gs/open5gs/issues/3635

https://github.com/open5gs/open5gs/commit/08b9e7c55f72649...

https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 28, 2025
Vulnerability Reserved
Jan 9, 2025