CVE-2024-47217

Published: Apr 3, 2025Modified: Apr 8, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

Affected (1)

Products: Snowplow: Iglu Server

Snowplow

1 product

Iglu Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Snowplow Iglu Server	Before 0.13.1

References (1)

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Source: cve@mitre.org

Release NotesVendor Advisory

Timeline

No history available yet.