Lucene search
CISACISA-KEV-CVE-2023-44487HistoryOct 10, 2023 - 12:00 a.m.
HTTP/2 Rapid Reset Attack Vulnerability
2023-10-1000:00:00
CISA
www.cisa.gov
586
http/2
rapid reset
vulnerability
ddos attack
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.708
Percentile
98.1%
HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
Related
amazon
amazon
Important: nghttp2
2023-10-16 13:45:00
redhat
redhat
(RHSA-2023:5924) Important: varnish security update
2023-10-19 12:19:57
nessus
nessus
Oracle Linux 8 : dotnet7.0 (ELSA-2023-5709)
2023-10-19 00:00:00
AlmaLinux 8 : nodejs:16 (ALSA-2023:5850)
2023-10-19 00:00:00
Oracle Linux 9 : varnish (ELSA-2023-5924)
2023-10-24 00:00:00
rocky
rocky
nodejs security update
2023-10-24 18:36:46
varnish security update
2023-10-24 18:35:47
varnish security update
2023-10-24 18:36:42
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1
2024-02-02 20:37:47
CVE-2023-44487 affecting package etcd for versions less than 3.5.6-11
2024-03-22 16:14:52
openvas
openvas
Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2023-3282)
2023-12-12 00:00:00
Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1092)
2024-01-09 00:00:00
Fedora: Security Advisory for mcrouter (FEDORA-2023-7934802344)
2023-11-05 00:00:00
osv
osv
dotnet8 vulnerability
2023-10-19 15:57:27
CGA-xr5x-637v-fqgc
2024-06-06 12:30:03
CGA-rwg6-qrw3-mq94
2024-06-06 12:29:25
oraclelinux
oraclelinux
.NET 7.0 security update
2023-10-18 00:00:00
nghttp2 security update
2023-10-19 00:00:00
nodejs security update
2023-10-20 00:00:00
almalinux
almalinux
Important: varnish security update
2023-10-23 00:00:00
Important: varnish security update
2023-10-19 00:00:00
Moderate: nginx:1.20 security update
2023-10-16 00:00:00
atlassian
atlassian
fedora
fedora
[SECURITY] Fedora 38 Update: wangle-2023.10.16.00-1.fc38
2023-10-24 01:23:49
[SECURITY] Fedora 39 Update: proxygen-2023.10.16.00-1.fc39
2023-11-03 19:01:54
[SECURITY] Fedora 38 Update: fbthrift-2023.10.16.00-1.fc38
2023-10-24 01:23:49
github
github
HTTP/2 Stream Cancellation Attack
2023-10-10 21:28:24
redos
redos
ROS-20231107-01
2023-11-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-10-12 14:37:40
debian
debian
[SECURITY] [DLA 3638-1] h2o security update
2023-10-31 14:09:23
[SECURITY] [DLA 3617-2] tomcat9 regression update
2023-10-16 22:23:23
[SECURITY] [DLA 3656-1] netty security update
2023-11-19 20:45:02
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Ietf Http
2023-12-11 23:12:03
impervablog
impervablog
HTTP/2 Rapid Reset Mitigation With Imperva WAF
2024-01-03 14:21:45
hivepro
hivepro
Attacks, Vulnerabilities and Actors 9 October to 15 October 2023
2023-10-17 09:10:10
nvd
nvd
CVE-2023-44487
2023-10-10 14:15:10
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.708
Percentile
98.1%
Related for CISA-KEV-CVE-2023-44487