cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12289,https://securityvulnerability.io/vulnerability/CVE-2024-12289,Boundary Vulnerability May Cause Premature Server Termination,"During the initialization of the Boundary controller, Boundary Community Edition and Boundary Enterprise exhibit improper handling of HTTP requests. This flaw can lead to premature termination of the Boundary server, occurring within milliseconds during the startup process. Effective patches have been introduced in versions 0.16.4, 0.17.3, and 0.18.2 to address this issue, mitigating potential denial of service scenarios. Organizations using affected versions are encouraged to upgrade promptly to maintain operational stability and security.",Hashicorp,"Boundary,Boundary Enterprise",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-12T22:42:01.595Z,0
CVE-2024-1052,https://securityvulnerability.io/vulnerability/CVE-2024-1052,TLS Certificate Tampering Vulnerability in Boundary Enterprise,"Boundary and Boundary Enterprise by HashiCorp are susceptible to session hijacking due to vulnerabilities associated with TLS certificate tampering. An attacker with the capability to enumerate active or pending sessions may obtain a private key linked to a session and a valid trust on first use (TOFU) token. Leveraging this information, the attacker can craft a malicious TLS certificate to hijack an active session, leading to unauthorized access to the underlying services or applications. This vulnerability poses a significant risk to users and necessitates immediate attention.",Hashicorp,"Boundary,Boundary Enterprise",8,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2024-02-05T20:43:53.939Z,0