Search for vulnerabilities
Vulnerability details: VCID-wqme-guhs-wbbr
Vulnerability ID VCID-wqme-guhs-wbbr
Aliases CVE-2024-10397
Summary A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 3.9
Risk 1.9
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00096 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00123 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00123 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00123 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00141 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00141 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00156 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00187 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00187 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00187 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00237 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
epss 0.00237 https://api.first.org/data/v1/epss?cve=CVE-2024-10397
cvssv3.1 0 https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
cvssv4 7.7 https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
ssvc Track https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-10397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397
https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
1087406 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406
CVE-2024-10397 https://nvd.nist.gov/vuln/detail/CVE-2024-10397
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N Found at https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Found at https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:46:42Z/ Found at https://openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Exploit Prediction Scoring System (EPSS)
Percentile 0.10184
EPSS Score 0.00043
Published At Nov. 18, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-11-18T17:42:00.625722+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 34.3.2