Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Vulnerability Description
Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process. This vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
抛出异常的清理不恰当
Vulnerability Title
HashiCorp Boundary 安全漏洞
Vulnerability Description
HashiCorp Boundary是美国HashiCorp公司的一种开源解决方案。可自动实现基于身份的安全用户跨环境访问主机和服务。 HashiCorp Boundary 0.8.0至0.18.1版本存在安全漏洞,该漏洞源于控制器初始化期间错误地处理HTTP请求,会导致Boundary服务器过早终止。
CVSS Information
N/A
Vulnerability Type
N/A