How severe is CVE-2024-50385?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-50385?

This is classified as CWE-459, which is a common weakness in software security.

CVE-2024-50385 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects X-CUBE-AZRTOS-F7 NetX Duo Component HTTP Server HTTP server v 1.1.0. This HTTP server implementation is contained in this file - x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c

Related Vulnerabilities

CVE-2019-12902

MEDIUM

CVSS:6.5(Medium)

Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon deletion. This allows a new user, holding the same User ID as a deleted user, to restore the deleted user's data.

CWE-4592019

CVE-2020-12414

MEDIUM

CVSS:6.5(Medium)

IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted ...

CWE-4592020

CVE-2020-12624

MEDIUM

CVSS:6.5(Medium)

The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which...

CWE-4592020

CVE-2020-13346

MEDIUM

CVSS:6.5(Medium)

Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API.

CWE-4592020

CVE-2022-37428

MEDIUM

CVSS:6.5(Medium)

PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS qu...

CWE-4592022

CVE-2023-22407

MEDIUM

CVSS:6.5(Medium)

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (Do...

CWE-4592023