Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-1189— AMPPS Encryption Passphrase denial of service

CVSS 5.3 · Medium EPSS 0.06% · P19
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-1189

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
AMPPS Encryption Passphrase denial of service
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encryption Passphrase Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252679. NOTE: The vendor explains that AMPPS 4.0 is a complete overhaul and the code was re-written.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不恰当的资源关闭或释放
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMPPS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMPPS是AMPPS公司的一套软件用于快速安装Apache, MySQL, PHP, Perl 和Python 并创建一个Web服务器运行环境。 AMPPS 2.7版本存在安全漏洞,该漏洞源于组件Encryption Passphrase Handler会导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-AMPPS 2.7 -

II. Public POCs for CVE-2024-1189

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-1189

登录查看更多情报信息。

Same Patch Batch · n/a · 2024-02-02 · 33 CVEs total

CVE-2024-227798.8 HIGHServerRPExposer 安全漏洞
CVE-2024-214856.5 MEDIUMDash 安全漏洞
CVE-2024-11986.3 MEDIUMopenBI Phar User.php addxinzhi deserialization
CVE-2024-11933.3 LOWNavicat MySQL Conecction denial of service
CVE-2023-39611Software FX Chart FX 安全漏洞
CVE-2024-25006XenForo 安全漏洞
CVE-2023-48645ARCHIBUS 安全漏洞
CVE-2023-50488Blurams Lumi Security Camera 安全漏洞
CVE-2023-51072Nagios XI 安全漏洞
CVE-2023-51820Blurams Lumi Security Camera 安全漏洞
CVE-2024-24388XunRuiCMS 安全漏洞
CVE-2023-51838MeshCentral 安全漏洞
CVE-2024-22107GTB Central Console 安全漏洞
CVE-2024-22108GTB Central Console 安全漏洞
CVE-2024-24029JFinalCMS 安全漏洞
CVE-2024-24160MRCMS 安全漏洞
CVE-2024-24161MRCMS 安全漏洞
CVE-2024-24470flusity CMS 安全漏洞
CVE-2024-24524flusity CMS 安全漏洞
CVE-2024-22851LiveConfig 安全漏洞

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: AMPPS
Same vendor: n/a
Same weakness: CWE-404

V. Comments for CVE-2024-1189

No comments yet

Leave a comment