CVE-2024-45796
Published: 16 October 2024
Summary
CVE-2024-45796 is a medium-severity Off-by-one Error (CWE-193) vulnerability in Oisf Suricata. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Stealth (T1211); ranked at the 48.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-41604
Vulnerability details
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger…
more
this behavior.This issue has been addressed in 7.0.7.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE-2024-45796 is an off-by-one error in Suricata's fragment reassembly that enables policy bypass via crafted packets, directly facilitating exploitation of the IDS/IPS for defense evasion.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.