7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.8 High
AI Score
Confidence
High
0.732 High
EPSS
Percentile
98.1%
Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size.
was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could
Allow an attacker acting remotely to cause a denial of service
A vulnerability in the Varnish cache server is related to the server running out of credits during the flow of the
HTTP/2 connection control flow. Exploitation of the vulnerability could allow an attacker acting remotely to create a situation where the server is overloaded.
remotely, to create a situation where the server stops properly handling active HTTP streams, saving the
resources already allocated, resulting in resource exhaustion.
The vulnerability in the Varnish cache server is related to the fact that characters passed through HTTP/2 pseudo headers, and
that are invalid in the context of an HTTP/1 request string, resulting in the Varnish server issuing invalid HTTP/1 requests.
invalid HTTP/1 requests to the server side. Exploitation of the vulnerability could allow an attacker,
acting remotely, to exploit vulnerabilities in the server behind the Varnish server.
A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already
network connection already established, without opening new network connections and without acknowledging the receipt of the
packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of
denial of service
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.8 High
AI Score
Confidence
High
0.732 High
EPSS
Percentile
98.1%