Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
NA

CVE-2024-3049

Published: 06/06/2024 Updated: 16/06/2024
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 0

Vulnerability Summary

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

Vulnerable Product Search on Vulmon Subscribe to Product

clusterlabs booth

redhat enterprise linux 7.0

redhat enterprise linux 8.0

redhat enterprise linux eus 8.4

redhat enterprise linux server update services for sap solutions 8.4

redhat enterprise linux 9.0

redhat enterprise linux eus 8.8

redhat enterprise linux eus 9.2

redhat enterprise linux for power little endian eus 9.2 ppc64le

redhat enterprise linux for power little endian eus 8.8 ppc64le

redhat enterprise linux for ibm z systems eus 8.8 s390x

redhat enterprise linux for ibm z systems 8.0 s390x

redhat enterprise linux for arm 64 8.0 aarch64

redhat enterprise linux for ibm z systems 9.2 s390x

redhat enterprise linux for arm 64 8.8 aarch64

redhat enterprise linux for arm 64 9.4 aarch64

redhat enterprise linux for power little endian eus 9.4 ppc64le

redhat enterprise linux for ibm z systems 9.4 s390x

redhat enterprise linux for arm 64 9.2 aarch64

redhat enterprise linux for power little endian eus 8.0 ppc64le

redhat enterprise linux for power little endian eus 8.4 ppc64le

Vendor Advisories

Debian CVElist Bug Report Logs: booth: CVE-2024-3049
Debian Bug report logs - #1073249 booth: CVE-2024-3049 Package: src:booth; Maintainer for src:booth is Debian HA Maintainers <debian-ha-maintainers@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 15 Jun 2024 07:15:02 UTC Severity: grave Tags: security, upstream Found in ver ...

References

CWE-345https://access.redhat.com/security/cve/CVE-2024-3049https://bugzilla.redhat.com/show_bug.cgi?id=2272082https://access.redhat.com/errata/RHSA-2024:3657https://access.redhat.com/errata/RHSA-2024:3658https://access.redhat.com/errata/RHSA-2024:3659https://access.redhat.com/errata/RHSA-2024:3660https://access.redhat.com/errata/RHSA-2024:3661https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPK5BHYOB7CFFRQAN55YV5LH44PWHMQD/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERCFM3HXFJKLEMMWU3CZLPKH5LZAEDAN/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073249https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080log injectionCVE-2024-6041CVE-2024-37661XML external entityCVE-2024-0845privilege escalationCVE-2023-37057CVE-2024-27801
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook