Improper Handling of Values

CVE-2024-30917

Medium

5.5/10

Summary

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-229 - Improper Handling of Values

The software does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined.

References

Advisory Timeline

Published Apr 11, 2024

Improper Handling of Values

CVE-2024-30917

Summary

CWE-229 - Improper Handling of Values

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS