CVE Radar Logo
CVERadar

CVE-2024-35200

Severity: Medium
Vendor: F5
SVRS: 30/100
CVSSv3: 5.3/10
EPSS: 0.00666/1

CVE-2024-35200 is a denial-of-service vulnerability in NGINX Plus and NGINX Open Source. When NGINX is configured to use the HTTP/3 QUIC module, a specially crafted HTTP/3 request can cause an NGINX worker process to terminate; the weakness recorded for the CVE is CWE-476 (NULL pointer dereference), and the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) describes an unauthenticated network attack whose impact is limited to availability. Only deployments that actually serve HTTP/3 are exposed: the module is not built into NGINX by default, and even a binary built with it does not accept QUIC traffic unless a listen directive carries the quic parameter. The SOCRadar Vulnerability Risk Score (SVRS) for CVE-2024-35200 is 30, a moderate score, and no public exploit or indicator of compromise is recorded below, but the fix is straightforward, so organizations running affected versions (NGINX Open Source 1.25.0 up to but not including 1.26.1) with HTTP/3 enabled should upgrade to 1.26.1 (stable) or 1.27.0 (mainline), apply the NGINX Plus update listed in F5 advisory K000139612, or remove the quic parameter from their listen directives until they can. Because NGINX fronts a large share of internet-facing services, repeated worker crashes can disrupt critical services even though the master process respawns each worker that dies, since every in-flight connection on the crashed worker is lost.
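The following exposure check is an added example, not code from F5, the nginx project, or SOCRadar. It turns the three conditions above (affected version, module compiled in, a quic listener configured) into functions that can be run offline against captured `nginx -V` and `nginx -T` output, and adds a counter for worker segfaults in error.log. It assumes the standard `nginx -V` first line ("nginx version: nginx/X.Y.Z"), the "configure arguments:" line, and the master process's "worker process N exited on signal 11" log line; all sample inputs are constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example for CVE-2024-35200 exposure assessment (not vendor or project code).
# Assumes standard `nginx -V` / `nginx -T` output and the master's
# "worker process N exited on signal 11" error-log line. Samples are constructed.

# Open source versions affected per this page: 1.25.0 up to but not including
# 1.26.1. The HTTP/3 module did not exist before 1.25.0, and 1.27.0 (mainline)
# shipped the same fix. NGINX Plus uses R-numbered releases and is not handled
# here; consult F5 advisory K000139612 for those.
nginx_version_affected() {
    v="$1"
    major=$(printf '%s' "$v" | cut -d. -f1)
    minor=$(printf '%s' "$v" | cut -d. -f2)
    patch=$(printf '%s' "$v" | cut -d. -f3)
    patch=${patch:-0}
    [ "$major" = "1" ] || return 1
    [ "$minor" = "25" ] && return 0
    [ "$minor" = "26" ] && [ "$patch" -lt 1 ] && return 0
    return 1
}

# Pull the version from `nginx -V` output (first line: "nginx version: nginx/1.25.4").
nginx_version_from_V() {
    printf '%s\n' "$1" | sed -n 's#^nginx version: nginx/\([0-9.]*\).*#\1#p' | head -n 1
}

# True when the binary was compiled with the HTTP/3 module, which is off by default.
nginx_built_with_http3() {
    printf '%s\n' "$1" | grep -q -- '--with-http_v3_module'
}

# True when an uncommented listen directive carries the quic parameter; without
# one the module is dormant even in an affected build.
nginx_conf_listens_quic() {
    printf '%s\n' "$1" \
        | grep -Ev '^[[:space:]]*#' \
        | grep -Eq '^[[:space:]]*listen[[:space:]]+[^;]*[[:space:]]quic([[:space:]]|;)'
}

# Verdict: exit 0 only when all three conditions hold. The message names the
# failing condition so the line is usable in a fleet-wide audit.
cve_2024_35200_exposed() {
    build="$1"; conf="$2"
    version=$(nginx_version_from_V "$build")
    [ -n "$version" ] || { echo "UNKNOWN: could not parse version from nginx -V output"; return 2; }
    nginx_version_affected "$version" || { echo "NOT AFFECTED: nginx/$version is outside 1.25.0 - 1.26.0"; return 1; }
    nginx_built_with_http3 "$build" || { echo "NOT AFFECTED: nginx/$version built without --with-http_v3_module"; return 1; }
    nginx_conf_listens_quic "$conf" || { echo "NOT EXPOSED: nginx/$version has HTTP/3 compiled in but no 'listen ... quic'; upgrade before enabling it"; return 1; }
    echo "EXPOSED: nginx/$version serves HTTP/3; upgrade to 1.26.1/1.27.0 or remove 'quic' from listen directives until then"
    return 0
}

# Crash evidence: a NULL pointer dereference (CWE-476, the weakness recorded for
# this CVE) kills the worker with SIGSEGV, which the master logs as
# "worker process N exited on signal 11". Every segfault looks the same, so a
# non-zero count is a lead to correlate with HTTP/3 traffic, not proof of exploitation.
count_worker_segfaults() {
    printf '%s\n' "$1" | grep -c 'worker process [0-9][0-9]* exited on signal 11' || true
}

# --- Constructed sample inputs ---
SAMPLE_NGINX_V='nginx version: nginx/1.25.4
built with OpenSSL 3.0.13 30 Jan 2024
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --with-http_ssl_module --with-http_v3_module'

SAMPLE_CONF='http {
    server {
        listen 443 ssl;
        listen 443 quic reuseport;   # HTTP/3 enabled here
        # listen 8443 quic;          # commented out, must not count
        ssl_certificate /etc/nginx/certs/site.pem;
    }
}'

SAMPLE_ERROR_LOG='2024/05/29 15:12:07 [alert] 1001#1001: worker process 1002 exited on signal 11
2024/05/29 15:12:07 [notice] 1001#1001: start worker process 1010
2024/05/29 15:12:09 [error] 1010#1010: *3 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory)
2024/05/29 15:12:11 [alert] 1001#1001: worker process 1010 exited on signal 11'

# Demo on the samples. On a real host (nginx -V writes to stderr, -T needs config read access):
#   cve_2024_35200_exposed "$(nginx -V 2>&1)" "$(nginx -T 2>/dev/null)"
cve_2024_35200_exposed "$SAMPLE_NGINX_V" "$SAMPLE_CONF"
echo "worker segfaults in sample error.log: $(count_worker_segfaults "$SAMPLE_ERROR_LOG")"
```

The check deliberately reports "NOT EXPOSED" rather than "NOT AFFECTED" for an affected build without a quic listener: such a host becomes vulnerable the moment someone enables HTTP/3, so it still belongs on the upgrade list.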

In The Wild
Vendor-advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Published: 2024-05-29
Last updated: 2025-02-13

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-35200 | F5 NGINX Plus/NGINX Open Source HTTP3 QUIC denial of service (K000139612)
vuldb.com, 2025-03-27
A vulnerability classified as problematic has been found in F5 NGINX Plus and NGINX Open Source. This affects an unknown part of the component HTTP3 QUIC Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-35200. It is possible to initiate the attack
nginx HTTP/3 security issues/fixes
2024-05-30
Posted by Solar Designer on May 30: Hi, This was on the nginx-announce list yesterday: https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html --- [nginx-announce] nginx security advisory (CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200) Sergey Kandaurov pluknet at nginx.com Wed May 29 15:12:07 UTC 2024 Hello
Related CVEs: CVE-2024-32760, CVE-2024-35200, CVE-2024-31079, CVE-2024-34161

Social Media

🚨In #Nginx versions from 1.25.0 to before 1.26.1 a medium severity vulnerability CVE-2024-35200 was detected🚨 Attackers can cause a denial-of-service (DoS) by stopping NGINX worker processes. Affected organizations should fix this problem immediately to reduce the risk.
CVE-2024-35200 When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. https://t.co/uGn7axQQ1g

Affected Software

Configuration 1
Type | Vendor | Product
App | F5 | nginx_open_source
App | F5 | nginx_plus

Configuration 2
Type | Vendor | Product
OS | Fedoraproject | fedora

References

F5 advisory K000139612: https://my.f5.com/manage/s/article/K000139612
oss-security thread: http://www.openwall.com/lists/oss-security/2024/05/30/4
Fedora package-announce: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/
Fedora package-announce: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

CWE Details

CWE ID | CWE Name | Description
CWE-476 | NULL Pointer Dereference | A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
