1. Home
  2. CVE Database
  3. CVE-2024-36856
HIGH · 7.5

CVE-2024-36856

RMQTT Broker 0.4.0 is vulnerable to Denial of Service (DoS) due to improper session resource management. An attacker can exhaust system memory and crash the daemon by establishing and maintaining a va...

Vulnerability Description

RMQTT Broker 0.4.0 is vulnerable to Denial of Service (DoS) due to improper session resource management. An attacker can exhaust system memory and crash the daemon by establishing and maintaining a vast number of long-lived malicious publish/subscribe sessions.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Related Weaknesses (CWE)

CWE-404

References

FAQ

What is CVE-2024-36856?

CVE-2024-36856 is a vulnerability with a CVSS score of 7.5 (HIGH). RMQTT Broker 0.4.0 is vulnerable to Denial of Service (DoS) due to improper session resource management. An attacker can exhaust system memory and crash the daemon by establishing and maintaining a va...

How severe is CVE-2024-36856?

CVE-2024-36856 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-36856?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.