{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38520", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-18T16:37:02.728Z", "datePublished": "2024-06-26T18:59:25.088Z", "dateUpdated": "2024-07-02T15:16:05.881Z"}, "containers": {"cna": {"title": "SoftEther VPN with L2TP - 2.75x Amplification", "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"}, {"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764", "tags": ["x_refsource_MISC"], "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"}, {"name": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185", "tags": ["x_refsource_MISC"], "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"}], "affected": [{"vendor": "SoftEtherVPN", "product": "SoftEtherVPN", "versions": [{"version": "<= 5.02.5183", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-02T15:16:05.881Z"}, "descriptions": [{"lang": "en", "value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.\n"}], "source": {"advisory": "GHSA-j35p-p8pj-vqxq", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "softether", "product": "vpn", "cpes": ["cpe:2.3:a:softether:vpn:5.02:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.02.5185", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T20:51:29.981598Z", "id": "CVE-2024-38520", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T20:53:01.101Z"}}]}}

{"descriptions": [{"lang": "en", "value": "SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. When SoftEtherVPN is deployed with L2TP enabled on a device, it introduces the possibility of the host being used for amplification/reflection traffic generation because it will respond to every packet with two response packets that are larger than the request packet size. These sorts of techniques are used by external actors who generate spoofed source IPs to target a destination on the internet. This vulnerability has been patched in version 5.02.5185.\n"}, {"lang": "es", "value": " SoftEtherVPN es un programa VPN multiprotocolo, multiplataforma y de c\u00f3digo abierto. Cuando SoftEtherVPN se implementa con L2TP habilitado en un dispositivo, presenta la posibilidad de que el host se utilice para la generaci\u00f3n de tr\u00e1fico de amplificaci\u00f3n/reflexi\u00f3n porque responder\u00e1 a cada paquete con dos paquetes de respuesta que son m\u00e1s grandes que el tama\u00f1o del paquete de solicitud. Este tipo de t\u00e9cnicas son utilizadas por actores externos que generan IP de origen falsificadas para apuntar a un destino en Internet. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 5.02.5185."}], "id": "CVE-2024-38520", "lastModified": "2024-06-27T12:47:19.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-26T19:15:13.890", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/commit/c2a7aa548137dc80c6aafdc645cf4dc34e0dc764"}, {"source": "security-advisories@github.com", "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185"}, {"source": "security-advisories@github.com", "url": "https://github.com/SoftEtherVPN/SoftEtherVPN/security/advisories/GHSA-j35p-p8pj-vqxq"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}