CVE-2023-35767 - OpenCVE

In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Perforce	Helix Core

Configuration 1 [-]

cpe:2.3:a:perforce:helix_core:*:*:*:*:*:*:*:*

References

Link	Resource
https://perforce.com	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Perforce

Published: 2023-11-08T15:31:29.693Z

Updated: 2024-02-01T22:39:39.464Z

Reserved: 2023-10-24T21:47:07.842Z

Link: CVE-2023-35767

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-08T16:15:08.813

Modified: 2023-11-15T16:17:04.597

Link: CVE-2023-35767

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-35767", "assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e", "state": "PUBLISHED", "assignerShortName": "Perforce", "dateReserved": "2023-10-24T21:47:07.842Z", "datePublished": "2023-11-08T15:31:29.693Z", "dateUpdated": "2024-02-01T22:39:39.464Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Helix Core", "vendor": "Helix", "versions": [{"lessThan": "2023.2", "status": "affected", "version": "0.0.0", "versionType": "semver"}, {"lessThan": "2023.1 Patch 2", "status": "affected", "version": "0.0.0", "versionType": "semver"}, {"lessThan": "2022.2 Patch 3", "status": "affected", "version": "0.0.0", "versionType": "semver"}, {"lessThan": "2022.1 Patch 6", "status": "affected", "version": "0.0.0", "versionType": "semver"}, {"lessThan": "2021.2 Patch 10", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Helix Swarm", "vendor": "Helix ", "versions": [{"lessThan": "2024.1 ", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by </span><span style=\"background-color: rgb(255, 255, 255);\">Jason Geffner</span><span style=\"background-color: rgb(255, 255, 255);\">. </span><span style=\"background-color: rgb(255, 255, 255);\"> </span><br>"}], "value": "In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner. \u00a0\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e", "shortName": "Perforce", "dateUpdated": "2024-02-01T22:39:39.464Z"}, "references": [{"url": "https://perforce.com"}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthenticated Remote Denial-of-Service via Shutdown Function in Helix Core", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}