Asymmetric resource consumption in Bodyparser can lead to DoS in CSE

Advisory ID: STORM-2024-033
CVE Number: CVE-2024-45590
Date discovered: 09/17/2024
Severity: medium
Advisory revision: v1

Vulnerability details

A vulnerability in body-parser can lead to a denial of service of CSE.

Impacted products

Product: Stormshield Data Security
Severity: medium
Detail: SDS CSE is impacted

Revisions

Version  Date  Description
v1             Initial release


Stormshield Data Security

CVSS v3.1 Overall Score: 6

Analysis

Impacted version

This vulnerability is only present in the “on premise” version; SaaS is not affected.

An attacker can send a request that blocks the service for a few seconds, and so can flood the server with a large number of such specially crafted requests.

  • SDS CSE 4.2.4
  • SDS CSE 4.3.1

Workaround solution

Solution

Configure a Web Application Filter as follows:

  • block all requests to the on premise CSE except:
    • POST requests with the following Content-Type: “application/json”
    • GET and OPTIONS requests without any Content-Type header, or with a Content-Type of “application/json”.
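The filter rule above, written as an added example in the form of a request filter that can sit in front of body-parser (this is not Stormshield's code; it assumes that Content-Type parameters such as “; charset=utf-8” are ignored when matching, that blocked requests receive a plain 403 as a WAF would return, and the `(req, res, next)` middleware shape used by Express/Connect):

```javascript
// Added example (not Stormshield's code): a request filter enforcing the
// workaround rule above, to be placed in front of body-parser so that any
// request the rule rejects is never parsed.
// Assumptions: Content-Type parameters such as "; charset=utf-8" are ignored
// when matching, and blocked requests get a plain 403 as a WAF would return.

const ALLOWED_TYPE = "application/json";

// Normalise a Content-Type header value: strip parameters, whitespace and
// case. Returns null when the header is absent or empty.
function mediaType(contentType) {
  if (contentType === undefined || contentType === null) return null;
  const value = String(contentType).split(";")[0].trim().toLowerCase();
  return value === "" ? null : value;
}

// Look up a header case-insensitively in a plain name -> value object.
function header(headers, name) {
  const wanted = name.toLowerCase();
  for (const [k, v] of Object.entries(headers || {})) {
    if (k.toLowerCase() === wanted) return v;
  }
  return null;
}

// Decide whether a request may reach the on-premise CSE service:
//   POST          -> only with Content-Type application/json
//   GET, OPTIONS  -> no Content-Type, or Content-Type application/json
//   anything else -> blocked
function isAllowed(method, headers) {
  const type = mediaType(header(headers, "content-type"));
  switch (String(method).toUpperCase()) {
    case "POST":
      return type === ALLOWED_TYPE;
    case "GET":
    case "OPTIONS":
      return type === null || type === ALLOWED_TYPE;
    default:
      return false;
  }
}

// Middleware in the (req, res, next) shape used by Express/Connect. Register
// it before body-parser so rejected requests are answered without being parsed.
function cseRequestFilter(req, res, next) {
  if (isAllowed(req.method, req.headers)) return next();
  res.statusCode = 403;
  res.setHeader("Content-Type", "text/plain");
  res.end("Request blocked by CSE filter\n");
}
```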

The following update fixes this vulnerability:

  • SDS CSE 4.3.2


CVSS Base metrics
  Attack Vector: Adjacent Network
  Attack Complexity: Low
  Privileges Required: None
  User Interaction: None
  Scope: Unchanged
  Confidentiality Impact: None
  Integrity Impact: None
  Availability Impact: High
CVSS Base score: 6.5
CVSS Vector: (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVSS Temporal metrics
  Exploit Code Maturity: Functional exploit exists
  Remediation Level: Official fix
  Report Confidence: Confirmed
CVSS Temporal score: 6
CVSS Vector: (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C)

CVSS Environmental metrics
  Confidentiality Requirement: Low
  Integrity Requirement: Low
  Availability Requirement: Medium
CVSS Environmental score: 6
CVSS Vector: (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C/CR:L/IR:L/AR:M/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)