Aimhubio Aim Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Aimhubio Aim version 3.25.0. This issue occurs when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The vulnerability arises from the absence of a limit on the number of metrics that can be requested per call, coupled with the server's single-threaded architecture. This combination leads to excessive resource consumption, blocking the server and causing a service outage.

Impact

Exploitation of this vulnerability can cause the web server to become unresponsive, leading to a denial-of-service condition where legitimate users are unable to access the service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Aimhubio Aim Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating