Fixed versions: 10.2.2, 10.1.8
CVE-2024-11941 describes a denial-of-service (DoS) vulnerability in Drupal Core versions up to and including 10.1.7. The vulnerability arises from the Comment module's functionality allowing users to reply to comments. An attacker can craft malicious comment reply requests that trigger a DoS condition, potentially disrupting website availability. Sites not using the Comment module are not affected.
An attacker can exploit CVE-2024-11941 by sending a flood of specially crafted comment reply requests to the Drupal website. This can exhaust server resources, leading to a denial of service for legitimate users. The impact can range from temporary website slowdowns to complete unavailability, depending on the attacker's resources and the server's capacity. This vulnerability could disrupt critical business operations and impact user experience.
The vulnerability was published on 2024-12-05. No KEV or EPSS score is currently available. There are no publicly known exploits or active campaigns targeting this vulnerability at this time, but the high CVSS score indicates a significant potential risk. Monitor security advisories and Drupal security announcements for updates.
Websites running Drupal Core versions 10.1.7 and earlier that utilize the Comment module are at risk. This includes organizations relying on Drupal for content management, e-commerce platforms, and community forums. Sites with limited resources or those that are not regularly updated are particularly vulnerable.
• drupal: Check the Drupal core version with `drush status` (the "Drupal version" field; `drush --version` reports only the Drush version). If the version is lower than 10.1.8, the site is vulnerable.
• generic web: Monitor web server logs for unusual patterns of comment reply requests, particularly those originating from a single IP address or user account. Look for a high volume of requests within a short timeframe.
• generic web: Use a WAF to implement rate limiting on comment reply requests, restricting the number of requests allowed per user or IP address within a given time period.
# Example WAF rule (pseudocode; syntax varies by vendor)
if (http.request.method == "POST" && http.request.path =~ "/comment/") {
    rate_limit(10, 60); # Allow 10 requests per minute per client
}
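The log review described in the detection bullet above, as an added example (not code from this advisory page or from Drupal): it parses constructed combined-format web server log lines and flags any client IP that sends more than a threshold of POSTs to comment reply paths within a sliding 60-second window, using the same 10-per-minute threshold as the WAF pseudo-rule. The `/comment/reply/` path prefix, the threshold, and the sample log lines are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Apache/nginx "combined" access log format (assumed; adjust the regex for other formats).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
REPLY_PREFIX = "/comment/reply/"  # assumed Drupal comment reply route prefix

# Constructed sample log: one client bursting 12 replies in 22 seconds,
# one client posting 5 replies spread over 4 minutes, and an unrelated GET.
SAMPLE_LOG = [
    f'203.0.113.5 - - [05/Dec/2024:10:00:{i:02d} +0000] '
    f'"POST /comment/reply/node/1/comment/{i} HTTP/1.1" 200 512'
    for i in range(0, 24, 2)
] + [
    f'198.51.100.7 - - [05/Dec/2024:10:{i:02d}:00 +0000] '
    f'"POST /comment/reply/node/1/comment HTTP/1.1" 200 512'
    for i in range(0, 5)
] + ['192.0.2.9 - - [05/Dec/2024:10:00:05 +0000] "GET /node/1 HTTP/1.1" 200 2048']


def parse_line(line):
    """Return a dict with ip, timestamp, method and path, or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], TS_FMT),
            "method": m["method"], "path": m["path"]}


def is_comment_reply(req):
    return req["method"] == "POST" and req["path"].startswith(REPLY_PREFIX)


def find_bursts(lines, limit=10, window=60):
    """Map each client IP that exceeds `limit` comment-reply POSTs inside any
    `window`-second span to the largest burst size observed for it."""
    recent = defaultdict(deque)  # per-IP timestamps still inside the window
    flagged = {}
    for line in lines:
        req = parse_line(line)
        if req is None or not is_comment_reply(req):
            continue
        q = recent[req["ip"]]
        q.append(req["ts"])
        while (q[-1] - q[0]).total_seconds() > window:  # slide the window forward
            q.popleft()
        if len(q) > limit:
            flagged[req["ip"]] = max(flagged.get(req["ip"], 0), len(q))
    return flagged
```

Feed it `open("access.log")` instead of `SAMPLE_LOG` to run it over a real log; the window is kept per IP, so lines only need to be chronological per client.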
EPSS: 0.69% (72nd percentile)
The primary mitigation for CVE-2024-11941 is to upgrade Drupal Core to version 10.1.8 or later. If immediate upgrading is not possible, consider implementing rate limiting on comment reply requests to prevent abuse. Monitor server resource utilization (CPU, memory, network) for unusual spikes that could indicate a DoS attack. Review and optimize database queries related to comment handling. After upgrade, confirm by attempting to submit a large number of comment replies and verifying that the server remains responsive.
Update Drupal Core to version 10.2.2 or later, or to version 10.1.8 or later. This fixes the excessive allocation vulnerability that can lead to a denial of service. Back up your website before performing the update.
CVE-2024-11941 is a denial-of-service vulnerability in Drupal Core affecting versions up to 10.1.7. Malicious comment reply requests can cause the site to become unresponsive.
You are affected if you are using Drupal Core version 10.1.7 or earlier and have the Comment module enabled. Sites without the Comment module are not vulnerable.
Upgrade Drupal Core to version 10.1.8 or later. If immediate upgrade is not possible, disable the Comment module or implement rate limiting.
There is currently no evidence of active exploitation in the wild, and no public proof-of-concept code has been released.
Refer to the official Drupal security advisory at https://www.drupal.org/security/announcements/1603898