Denial of Service Vulnerability in WatchGuard Single Sign-On Client for Windows
CVE-2024-6594

7.5HIGH

Key Information:

Vendor
Watchguard
Status
Single Sign-on Client
Vendor
CVE Published:
25 September 2024

Summary

The WatchGuard Single Sign-On Client for Windows is vulnerable due to improper handling of exceptional conditions, allowing an attacker with network access to exploit this issue. By repeatedly sending malformed commands, the attacker can trigger a crash in the client, resulting in a denial of service condition for the Single Sign-On service. This vulnerability affects versions of the client up to 12.7, emphasizing the importance of patching and securing systems against unauthorized access.

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2024-6594 : Denial of Service Vulnerability in WatchGuard Single Sign-On Client for Windows | SecurityVulnerability.io