Uncontrolled Resource Consumption (CWE-400)
A vulnerability in the Windows Online Certificate Status Protocol (OCSP) Server could allow an attacker to cause a denial of service condition. This vulnerability affects various versions of Windows Server, including Server 2022, 2019, 2016, 2012 R2, 2012, and 2008 R2 SP1.
An attacker could exploit this vulnerability to cause a denial of service, disrupting the availability of the OCSP server. Systems that depend on it would then be unable to check the revocation status of certificates, which can affect secure communications and authentication processes across the network.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation in the wild at the moment.
A patch is available. Microsoft has released updates to address this vulnerability for the affected Windows Server versions.
To mitigate this vulnerability, it is recommended to apply the latest security updates provided by Microsoft for the affected Windows Server versions. Specifically:
1. For Windows Server 2022, update to version 10.0.20348.2582 or later.
2. For Windows Server 2022 23H2, update to version 10.0.25398.1009 or later.
3. For Windows Server 2019, update to version 10.0.17763.6054 or later.
4. For Windows Server 2016, update to version 10.0.14393.7159 or later.
5. For Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2 SP1, apply the latest available security updates.
Additionally, monitor and control network access to OCSP servers, and implement network segmentation to limit potential attack vectors.
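The following PowerShell check is an added example, not part of the advisory or of any Microsoft tooling. It reads the host's build from the registry, compares it against the minimum fixed builds listed in the mitigation steps above, and reports whether the Online Responder service is present so the result can be prioritised. The service name OcspSvc and the registry value names are assumed from standard Windows Server installs; for Server 2012 R2 and earlier the advisory gives no build threshold, so the script reports that the patch state must be confirmed manually.

```powershell
# Added example (not from the advisory): compare this host's OS build with the
# minimum fixed builds for CVE-2024-38031 and flag whether it runs the OCSP Online Responder.

# Minimum fixed builds, copied from the mitigation text above (Windows 10-generation servers only).
$FixedBuilds = @{
    '20348' = [version]'10.0.20348.2582'   # Windows Server 2022
    '25398' = [version]'10.0.25398.1009'   # Windows Server 2022 23H2
    '17763' = [version]'10.0.17763.6054'   # Windows Server 2019
    '14393' = [version]'10.0.14393.7159'   # Windows Server 2016
}

function Get-Cve202438031Status {
    [CmdletBinding()]
    param()

    $cv = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [string]$cv.CurrentBuild

    # CurrentMajorVersionNumber/UBR exist on Windows 10-generation builds; older
    # servers only expose the legacy "6.x" CurrentVersion string and no UBR.
    if ($null -ne $cv.CurrentMajorVersionNumber) {
        $major = [int]$cv.CurrentMajorVersionNumber
        $minor = [int]$cv.CurrentMinorVersionNumber
    } else {
        $parts = ([string]$cv.CurrentVersion).Split('.')
        $major = [int]$parts[0]
        $minor = [int]$parts[1]
    }
    $ubr = if ($null -ne $cv.UBR) { [int]$cv.UBR } else { 0 }
    $installed = [version]"$major.$minor.$build.$ubr"

    # OcspSvc is the Online Responder service (assumed name); absent means this host does not serve OCSP.
    $ocsp = Get-Service -Name 'OcspSvc' -ErrorAction SilentlyContinue

    if ($FixedBuilds.ContainsKey($build)) {
        $required = $FixedBuilds[$build]
        # [version] comparison is component-wise, so the UBR (4th field) decides for equal builds.
        $status = if ($installed -ge $required) { 'Patched' } else { 'Vulnerable' }
        $detail = "installed $installed, required $required"
    } else {
        # Server 2012 R2 / 2012 / 2008 R2 SP1, or an unlisted build: no threshold is given
        # above, so confirm the current cumulative update from the installed hotfix list.
        $status = 'Manual'
        $detail = "build $build has no fixed-build entry; confirm the latest security update via Get-HotFix"
    }

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        OSBuild                = $installed
        OnlineResponderPresent = [bool]$ocsp
        Status                 = $status
        Detail                 = $detail
    }
}

Get-Cve202438031Status | Format-List
```

Run it locally on each server that hosts the Online Responder role, or wrap the function in Invoke-Command to collect results from a list of hosts; a result of Vulnerable with OnlineResponderPresent set to True is the combination to remediate first.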
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 7.5 has been assigned.
NVD published the first details for CVE-2024-38031
Feedly found the first article mentioning CVE-2024-38031.
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.05% (Percentile: 17.2%)