CVE-2024-47522
Published: 16 October 2024
Summary
CVE-2024-47522 is a high-severity Reachable Assertion (CWE-617) vulnerability in OISF Suricata. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked in the top 48.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42513
Vulnerability details
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable JA4 as a workaround.
Related Threats
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Vulnerability enables remote denial-of-service crash of Suricata IDS/IPS/NSM via crafted TLS/QUIC traffic with invalid ALPN (when JA4 enabled), exploiting the application (T1499.004) and impairing/disabling security tools (T1562.001).