Uncontrolled Resource Consumption (CWE-400)
CVE-2024-38068 is a denial-of-service vulnerability in the Windows Online Certificate Status Protocol (OCSP) Server, the component that answers certificate revocation queries for an Active Directory Certificate Services Online Responder. Microsoft lists it as affecting Windows 10, Windows 11 and the supported Windows Server releases, and classifies it as Uncontrolled Resource Consumption (CWE-400).
An unauthenticated attacker who can reach the responder over the network can drive it into a denial-of-service condition. Because every client that performs OCSP revocation checking against that responder then fails to get an answer, the impact extends beyond the server itself to the certificate validation that depends on it. The attack is network-based, needs no user interaction and has low attack complexity; it affects availability only, with no confidentiality or integrity impact.
There is no evidence of a public proof of concept, and no evidence of exploitation in the wild at the time of writing.
A patch is available. Microsoft released updates addressing this vulnerability on July 9, 2024; the per-OS update references are listed in the Microsoft Update Guide.
1. Apply the security updates provided by Microsoft as soon as possible.
2. Prioritize patching for systems running the OCSP Server (Online Responder) role, especially those exposed to untrusted networks.
3. Monitor OCSP Server resource consumption and implement resource quotas where possible.
4. Consider network segmentation to limit exposure of OCSP Servers to potential attackers.
5. Regularly update and patch all affected Windows systems, including Windows 10 (versions 1507, 1607, 1809, 21H2, 22H2), Windows 11 (versions 21H2, 22H2, 23H2), Windows Server 2008, 2012, 2016, 2019, 2022, and 2022 23H2.
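The following script is an added example for steps 2 to 4 above; it is not part of the advisory and not Microsoft tooling. It checks whether the host runs the Online Responder role service (ADCS-Online-Cert), whether a given update is installed, optionally narrows the inbound firewall rules for TCP/80 (the default OCSP transport) to known client ranges, and samples CPU and memory of the processes that serve OCSP (the OcspSvc service and the IIS worker processes). The KB number is an operator-supplied assumption (the default is a placeholder to be replaced with the value from the Microsoft Update Guide for the host's OS), and the CPU and working-set thresholds are illustrative. Run it in an elevated PowerShell on the responder itself.

```powershell
<#
Added example, not part of the advisory or of Microsoft's tooling: triage an Online
Responder host for CVE-2024-38068 and sample the resource use of the processes that
serve OCSP. Run elevated on the responder.
Assumptions (labelled): -KbId must be looked up in the Microsoft Update Guide for
this host's OS (the default is a placeholder); thresholds are illustrative;
-AllowedClients is an operator-supplied list of client subnets.
#>
param(
    [string]$KbId = 'KB0000000',          # placeholder: replace with the real KB for this OS
    [int]$Samples = 6,
    [int]$IntervalSeconds = 10,
    [double]$CpuWarnPercent = 80,
    [int]$WorkingSetWarnMB = 1024,
    [string[]]$AllowedClients = @()       # e.g. '10.0.0.0/8'; empty = leave the firewall alone
)

function Test-OcspResponderRole {
    # ADCS-Online-Cert is the Online Responder role service (Windows Server only).
    try { (Get-WindowsFeature -Name ADCS-Online-Cert).Installed } catch { $false }
}

function Test-UpdateInstalled([string]$Id) {
    [bool](Get-HotFix -Id $Id -ErrorAction SilentlyContinue)
}

function Get-OcspProcessId {
    # OcspSvc is the Online Responder Service; the HTTP front end is IIS, so its
    # worker processes (w3wp.exe) are sampled as well.
    $ids = @()
    $svc = Get-CimInstance Win32_Service -Filter "Name='OcspSvc'"
    if ($svc -and $svc.ProcessId) { $ids += [int]$svc.ProcessId }
    foreach ($p in (Get-Process -Name w3wp -ErrorAction SilentlyContinue)) { $ids += $p.Id }
    $ids | Sort-Object -Unique
}

function Get-OcspResourceSample([int]$Interval) {
    # CPU% is the growth of TotalProcessorTime over the interval, normalised to all
    # cores; WorkingSetMB is the current resident size. Reading another account's
    # process times requires elevation.
    $before = @{}
    foreach ($id in (Get-OcspProcessId)) {
        $p = Get-Process -Id $id -ErrorAction SilentlyContinue
        if ($p) { $before[$id] = $p.TotalProcessorTime }
    }
    Start-Sleep -Seconds $Interval
    foreach ($id in @($before.Keys)) {
        $p = Get-Process -Id $id -ErrorAction SilentlyContinue
        if (-not $p) { continue }
        $cpuSec = ($p.TotalProcessorTime - $before[$id]).TotalSeconds
        [pscustomobject]@{
            Time         = Get-Date
            Pid          = $id
            Name         = $p.ProcessName
            CpuPercent   = [math]::Round(100 * $cpuSec / ($Interval * [Environment]::ProcessorCount), 1)
            WorkingSetMB = [math]::Round($p.WorkingSet64 / 1MB)
        }
    }
}

function Set-OcspClientAllowList([string[]]$Remote) {
    # Narrow every inbound Allow rule for TCP/80 to the given ranges rather than adding
    # a Block rule: in Windows Firewall a Block rule overrides Allow rules and would cut
    # off the permitted clients as well.
    Get-NetFirewallPortFilter -Protocol TCP |
        Where-Object { $_.LocalPort -eq '80' } |
        Get-NetFirewallRule |
        Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
        Get-NetFirewallAddressFilter |
        Set-NetFirewallAddressFilter -RemoteAddress $Remote
}

if (-not (Test-OcspResponderRole)) {
    Write-Output 'ADCS-Online-Cert is not installed; this host is not an OCSP responder.'
    return
}
if (Test-UpdateInstalled $KbId) {
    Write-Output "$KbId is installed."
} else {
    Write-Warning "$KbId is not installed: host is exposed to CVE-2024-38068, prioritise patching."
}
if ($AllowedClients.Count -gt 0) { Set-OcspClientAllowList $AllowedClients }

for ($i = 0; $i -lt $Samples; $i++) {
    foreach ($s in (Get-OcspResourceSample $IntervalSeconds)) {
        $s
        if ($s.CpuPercent -ge $CpuWarnPercent -or $s.WorkingSetMB -ge $WorkingSetWarnMB) {
            Write-Warning "PID $($s.Pid) ($($s.Name)) CPU $($s.CpuPercent)% WS $($s.WorkingSetMB) MB: possible resource exhaustion."
        }
    }
}
```

The sampling gives a baseline to compare against during an incident: a responder whose w3wp or OcspSvc CPU sits at the warning threshold while request volume is flat is the CWE-400 symptom the advisory describes, and is the signal to feed into the resource quotas and segmentation of steps 3 and 4.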
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Detection for the vulnerability has been added to Qualys (92149)
A CVSS base score of 7.5 has been assigned.
NVD published the first details for CVE-2024-38068
Feedly found the first article mentioning CVE-2024-38068.
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.05% (Percentile: 17.2%)