CVE-2024-13274 - Vulnerability Details - OpenCVE

Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://www.drupal.org/sa-contrib-2024-038

History

Thu, 09 Jan 2025 19:45:00 +0000

Type	Values Removed	Values Added
Description		Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.
Title		Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038
Weaknesses		CWE-799
References		https://www.drupal.org/sa-contrib-2024-038

MITRE

Status: PUBLISHED

Assigner: drupal

Published: 2025-01-09T19:27:04.989Z

Updated: 2025-01-09T19:27:04.989Z

Reserved: 2025-01-09T18:28:09.371Z

Link: CVE-2024-13274

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-01-09T20:15:36.250

Modified: 2025-01-09T20:15:36.250

Link: CVE-2024-13274

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-13274", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "state": "PUBLISHED", "assignerShortName": "drupal", "dateReserved": "2025-01-09T18:28:09.371Z", "datePublished": "2025-01-09T19:27:04.989Z", "dateUpdated": "2025-01-09T19:27:04.989Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://www.drupal.org/project/social", "defaultStatus": "unaffected", "product": "Open Social", "repo": "https://git.drupalcode.org/project/social", "vendor": "Drupal", "versions": [{"lessThan": "12.3.8", "status": "affected", "version": "0.0.0", "versionType": "semver"}, {"lessThan": "12.4.5", "status": "affected", "version": "12.4.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "vnech"}, {"lang": "en", "type": "remediation developer", "value": "Ronald te Brake"}, {"lang": "en", "type": "remediation developer", "value": "vnech"}, {"lang": "en", "type": "coordinator", "value": "Greg Knaddison"}, {"lang": "en", "type": "coordinator", "value": "Juraj Nemec"}, {"lang": "en", "type": "coordinator", "value": "Heine Deelstra"}], "datePublic": "2024-09-04T16:20:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.<p>This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.</p>"}], "value": "Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5."}], "impacts": [{"capecId": "CAPEC-212", "descriptions": [{"lang": "en", "value": "CAPEC-212 Functionality Misuse"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-799", "description": "CWE-799 Improper Control of Interaction Frequency", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2025-01-09T19:27:04.989Z"}, "references": [{"url": "https://www.drupal.org/sa-contrib-2024-038"}], "source": {"discovery": "UNKNOWN"}, "title": "Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}