HTTP: Django Web Framework Denial of Service
This signature detects attempts to exploit a known vulnerability against DJango Framework. A successful attack can result in a denial-of-service condition.
Extended Description
The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service (CPU consumption) via a long password which is then hashed.
Affected Products
Djangoproject django
References
CVE: CVE-2023-46695
URL: https://www.djangoproject.com/weblog/2023/nov/01/security-releases/
Short Name
HTTP:DOS:DJANGO-FRAMEWORK-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2013-1443 CVE-2023-46695 Denial Django Framework Service Web of
Release Date
08/26/2016
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3704
False Positive
Unknown
Vendors
Djangoproject
CVSS Score
5.0