CVE-2024-34571

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published May 8, 2024

CWE ID 79

Summary

CVE-2024-4437 represents a persisting vulnerability in the etcd package of the Red Hat OpenStack platform. Despite an incomplete fix for CVE-2021-44716, the etcd package continues to use an outdated version of http://golang.org/x/net/http2. As opposed to the version offered by Red Hat Enterprise Linux, this implementation should be updated at compile time. This misconfiguration poses a potential risk to the affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vzF5eF
https://www.cve.org/CVERecord?id=CVE-2024-34571
https://nvd.nist.gov/vuln/detail/CVE-2024-34571

Back to Vulnerability Database

CVE-2024-34571

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations