CVE-2024-1189

Published: Feb 2, 2024Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encryption Passphrase Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252679. NOTE: The vendor explains that AMPPS 4.0 is a complete overhaul and the code was re-written.

Affected (1)

Products: Softaculous: Ampps

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Softaculous Ampps	Before 4.0

Related CWEs

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (6)

https://fitoxs.com/vuldb/15-exploit-perl.txt

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.252679

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.252679

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://fitoxs.com/vuldb/15-exploit-perl.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?ctiid.252679

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.252679

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

Timeline

No history available yet.