CVE-2024-4227
Published: 15 January 2025
Summary
CVE-2024-4227 is a high-severity Excessive Iteration (CWE-834) vulnerability in SourceForge (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 40.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2024-4227 is a denial-of-service vulnerability in Genivia gSOAP under a specific configuration. An unauthenticated remote attacker can force the software to parse an XML document containing duplicate ID attributes, resulting in high CPU load that leads to a DoS condition. The vulnerability is rated 7.5 on the CVSS v3.1 scale (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-834.
The attack requires no privileges or user interaction and can be carried out over the network with low complexity. An unauthenticated remote attacker simply needs to send a malicious XML payload with duplicate ID attributes to a vulnerable gSOAP instance, causing excessive resource consumption and potential service disruption due to elevated CPU usage.
Advisories from Genivia reference an upgrade recommendation specifically when the -c++11 option is used to generate C++11 source code, with further details available in the gSOAP changelog on SourceForge.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-32779
Vulnerability details
In Genivia gSOAP with a specific configuration, an unauthenticated remote attacker can generate a high CPU load by forcing it to parse an XML document having duplicate ID attributes, which can lead to a DoS.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability enables remote unauthenticated exploitation of a public-facing gSOAP service (T1190) to trigger application-level resource exhaustion DoS via crafted XML input (T1499.004).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly remediates the specific flaw in gSOAP XML parsing by identifying, patching, and deploying the upgrade recommended in Genivia advisories.
Employs rate limiting, resource quotas, or architectural protections to prevent unauthenticated remote attackers from causing high CPU load via malicious XML payloads.
Validates incoming XML inputs at the parser boundary to reject documents with duplicate ID attributes before processing causes resource exhaustion.
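One way to apply the input-validation control above at a gateway in front of the SOAP service, as an added example that is not code from Genivia or from this page: a streaming pre-check that rejects a document at its first repeated ID value, using a hash set so the check stays linear in document size. It assumes the ID attribute's local name is `id`; the size limits, function names and sample documents are constructed for illustration, and the check complements the vendor upgrade rather than replacing it.

```python
import xml.parsers.expat

MAX_BYTES = 1_000_000   # assumed request size cap, tune per service
MAX_IDS = 10_000        # assumed cap on distinct ID values per document


class RejectedXML(Exception):
    """Raised when a document must not be forwarded to the SOAP parser."""


def check_unique_ids(data: bytes, id_attr: str = "id") -> int:
    """Return the number of distinct ID values, or raise RejectedXML."""
    if len(data) > MAX_BYTES:
        raise RejectedXML("document exceeds size cap")
    seen = set()

    def on_start(name, attrs):
        for key, value in attrs.items():
            # Match both id="..." and prefixed forms such as enc:id="...".
            if key.rpartition(":")[2] != id_attr:
                continue
            if value in seen:                      # O(1) membership test
                raise RejectedXML(f"duplicate {key}={value!r} on <{name}>")
            if len(seen) >= MAX_IDS:
                raise RejectedXML("too many ID attributes")
            seen.add(value)

    def on_doctype(*_args):
        # SOAP messages have no use for a DTD; refusing it also avoids entity tricks.
        raise RejectedXML("DOCTYPE not allowed")

    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = on_start
    parser.StartDoctypeDeclHandler = on_doctype
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        raise RejectedXML(f"malformed XML: {exc}") from exc
    return len(seen)


# Constructed sample documents (not taken from any advisory).
UNIQUE = b'<Envelope><Body><item id="a1"/><item id="a2"/><ref href="#a1"/></Body></Envelope>'
DUPLICATE = b'<Envelope><Body><item id="a1"/><item enc:id="a1"/></Body></Envelope>'

if __name__ == "__main__":
    for label, doc in (("unique", UNIQUE), ("duplicate", DUPLICATE)):
        try:
            print(label, "accepted, ids =", check_unique_ids(doc))
        except RejectedXML as err:
            print(label, "rejected:", err)
```

Log each rejection with the source address so that repeated duplicate-ID submissions show up alongside the rate-limiting control.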