← back
CVE-2024-52060

Potential stack overflow when using XML configuration file referencing environment variables

CVSS 8.3 HIGHEPSS 0.3%CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
Affected products
RTI · Connext Professional

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.rti.com/vulnerabilities/#cve-2024-52060