Lucene search

K
redhatRedHatRHSA-2023:7247
HistoryNov 15, 2023 - 5:06 p.m.

(RHSA-2023:7247) Critical: Red Hat Fuse 7.12.1 release and security update

2023-11-1517:06:12
access.redhat.com
43
red hat fuse
security update
http/2
rapid reset attack
openwire module
remote code execution
outofmemoryerror
gzipsource
security bypass
denial of service
memory
improper validation
dos
information leak
request smuggling
authentication

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.964

Percentile

99.6%

This release of Red Hat Fuse 7.12.1 serves as a replacement for Red Hat Fuse 7.12 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.

Security Fix(es):

  • HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.

  • OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack (CVE-2023-46604)

  • undertow: OutOfMemoryError due to @MultipartConfig handling (CVE-2023-3223)

  • okio: GzipSource class improper exception handling (CVE-2023-3635)

  • spring-security: spring-security-webflux: path wildcard leads to security bypass (CVE-2023-34034)

  • http2-hpack: jetty: hpack header values cause denial of service in http/2 (CVE-2023-36478)

  • avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)

  • jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)

  • tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)

  • tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)

  • tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)

  • jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)

  • jetty: OpenId Revoked authentication allows one request (CVE-2023-41900)

For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.964

Percentile

99.6%