CVE-2024-0316 MEDIUM

CVE-2024-0316: Improper cleanup vulnerability in FireEye Endpoint Security

Vendor Fireeye
Product FireEye Endpoint Security
Weakness CWE-460
Published January 15, 2024
Last update October 1, 2024

CVSS base score

6.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containment_notify/preview parameter, which could lead to a service outage.

Key dates

02Disclosure timeline

January 15, 2024 CVE published
October 1, 2024 Record updated