CVE-2024-30249
HIGHCloudburst Network <1.0.0.CR1-20240330.101522-15 - DoS
Title source: llmDescription
Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR1-20240330.101522-15` impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for a UDP denial of service attack against a third party or as an attempt to trigger service suspension of the host. All consumers of the library should upgrade to at least version `1.0.0.CR1-20240330.101522-15` to receive a fix. There are no known workarounds beyond updating the library.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/CloudburstMC/Network/security/advisories/GHSA-6h3m-c6fv-8hvh
Scores
CVSS v3
8.6
EPSS
0.0061
EPSS Percentile
44.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-770
Status
published
Products (1)
CloudburstMC/Network
< 1.0.0.CR1-20240330.101522-15
Published
Apr 04, 2024
Tracked Since
Feb 18, 2026