Primary

Context

O-RAN Near Realtime RIC H-Release E2 Subscription Request Flooding Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in O-RAN Near Realtime RIC H-Release. This issue arises when an xApp floods the system with a large number of E2 Subscription Requests, causing the e2mgr component to crash.

Impact

Exploitation of this vulnerability leads to a crash of the e2mgr component, causing a denial-of-service condition where the component is no longer operational.

Reproduction

To reproduce this vulnerability, send a high volume of E2 Subscription Requests from an xApp to the Near-RT RIC component. The e2mgr will crash as a result.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

1.6

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

1.6

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

O-RAN Near Realtime RIC H-Release E2 Subscription Request Flooding Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating