{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6594", "assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "state": "PUBLISHED", "assignerShortName": "WatchGuard", "dateReserved": "2024-07-09T02:09:05.229Z", "datePublished": "2024-09-25T11:22:45.610Z", "dateUpdated": "2024-09-25T14:30:29.866Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Single Sign-On Client", "vendor": "WatchGuard", "versions": [{"lessThanOrEqual": "12.7", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2024-09-17T05:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.<br></div><p>This issue affects Single Sign-On Client: through 12.7.</p>"}], "value": "Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.\n\nThis issue affects Single Sign-On Client: through 12.7."}], "impacts": [{"capecId": "CAPEC-227", "descriptions": [{"lang": "en", "value": "CAPEC-227 Sustained Client Engagement"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "shortName": "WatchGuard", "dateUpdated": "2024-09-25T11:22:45.610Z"}, "references": [{"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016"}], "source": {"discovery": "UNKNOWN"}, "title": "WatchGuard Firebox Single Sign-On Client Denial-of-Service", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "watchguard", "product": "single_sign-on_client", "cpes": ["cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "12.7", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-25T13:44:40.431549Z", "id": "CVE-2024-6594", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T14:30:29.866Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6594", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-25T13:44:40.431549Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*"], "vendor": "watchguard", "product": "single_sign-on_client", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "12.7"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T13:48:02.282Z"}}], "cna": {"title": "WatchGuard Firebox Single Sign-On Client Denial-of-Service", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-227", "descriptions": [{"lang": "en", "value": "CAPEC-227 Sustained Client Engagement"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "WatchGuard", "product": "Single Sign-On Client", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "12.7"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "datePublic": "2024-09-17T05:00:00.000Z", "references": [{"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.\n\nThis issue affects Single Sign-On Client: through 12.7.", "supportingMedia": [{"type": "text/html", "value": "<div>Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.<br></div><p>This issue affects Single Sign-On Client: through 12.7.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions"}]}], "providerMetadata": {"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "shortName": "WatchGuard", "dateUpdated": "2024-09-25T11:22:45.610Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6594", "state": "PUBLISHED", "dateUpdated": "2024-09-25T14:30:29.866Z", "dateReserved": "2024-07-09T02:09:05.229Z", "assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "datePublished": "2024-09-25T11:22:45.610Z", "assignerShortName": "WatchGuard"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*", "matchCriteriaId": "17A19E9E-0672-4673-BD4F-681E4C994EE7", "versionEndIncluding": "12.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands.\n\nThis issue affects Single Sign-On Client: through 12.7."}, {"lang": "es", "value": "La vulnerabilidad de manejo inadecuado de condiciones excepcionales en WatchGuard Single Sign-On Client en Windows hace que el cliente se bloquee mientras maneja comandos malformados. Un atacante con acceso de red al cliente podr\u00eda crear una condici\u00f3n de denegaci\u00f3n de servicio para el servicio de inicio de sesi\u00f3n \u00fanico al emitir repetidamente comandos malformados. Este problema afecta al cliente de inicio de sesi\u00f3n \u00fanico: hasta la versi\u00f3n 12.7."}], "id": "CVE-2024-6594", "lastModified": "2024-10-01T19:41:08.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "type": "Secondary"}]}, "published": "2024-09-25T12:15:05.397", "references": [{"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "tags": ["Vendor Advisory"], "url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016"}], "sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-755"}], "source": "5d1c2695-1a31-4499-88ae-e847036fd7e3", "type": "Secondary"}]}

{}