CVE-2023-44487 Report - Details, Severity, & Advisories
Twingate Team
•
Apr 17, 2024
CVE-2023-44487 is a high-severity vulnerability affecting the HTTP/2 protocol, which can lead to denial of service attacks due to rapid resetting of many streams. This issue has been exploited in the wild and impacts a wide range of systems and applications that implement or rely on the HTTP/2 protocol. Some affected systems include Apache Trafficserver, Jenkins, and various open-source implementations. It's important to stay informed and apply necessary updates to protect against this vulnerability.
How do I know if I'm affected?
To determine if you're affected by the vulnerability, you should check if you're using any of the impacted software versions. Some affected versions include nghttp2 up to 1.56.1, Netty up to 4.1.99, Envoy 1.24.10, 1.25.9, 1.26.4, and 1.27.0, Eclipse Jetty up to 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Caddy up to 2.7.4, and Golang up to 1.20.9, among others. Additionally, Jenkins instances that enable HTTP/2 are vulnerable, typically when using the --http2Port argument. Note that this is a simplified explanation, and you should consult the National Vulnerability Database for a comprehensive list of affected software configurations.
What should I do if I'm affected?
If you're affected by the vulnerability, it's crucial to take action to protect your systems. First, check for updates or patches provided by the software vendor and apply them promptly. If you're using Jenkins with HTTP/2 enabled, upgrade to Jenkins 2.428 or Jenkins LTS 2.414.3 to fix the issue. For other affected software, follow the vendor's instructions or discontinue use if no mitigations are available.
Is CVE-2023-44487 in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-44487 vulnerability, also known as the HTTP/2 Rapid Reset Attack Vulnerability, is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It was added on October 10, 2023, with a due date of October 31, 2023. To address this high-severity issue, organizations should apply mitigations as per vendor instructions or discontinue the use of affected products if no mitigations are available.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as CWE-400, which is an issue causing uncontrolled resource consumption in various HTTP/2 implementations, leading to denial of service attacks.
For more details
CVE-2023-44487, the HTTP/2 Rapid Reset Attack Vulnerability, poses a significant risk to a wide range of systems and applications. To safeguard against this high-severity issue, it's crucial to stay informed, apply necessary updates, and follow vendor instructions. For a comprehensive understanding of the vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2023-44487 Report - Details, Severity, & Advisories
Twingate Team
•
Apr 17, 2024
CVE-2023-44487 is a high-severity vulnerability affecting the HTTP/2 protocol, which can lead to denial of service attacks due to rapid resetting of many streams. This issue has been exploited in the wild and impacts a wide range of systems and applications that implement or rely on the HTTP/2 protocol. Some affected systems include Apache Trafficserver, Jenkins, and various open-source implementations. It's important to stay informed and apply necessary updates to protect against this vulnerability.
How do I know if I'm affected?
To determine if you're affected by the vulnerability, you should check if you're using any of the impacted software versions. Some affected versions include nghttp2 up to 1.56.1, Netty up to 4.1.99, Envoy 1.24.10, 1.25.9, 1.26.4, and 1.27.0, Eclipse Jetty up to 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Caddy up to 2.7.4, and Golang up to 1.20.9, among others. Additionally, Jenkins instances that enable HTTP/2 are vulnerable, typically when using the --http2Port argument. Note that this is a simplified explanation, and you should consult the National Vulnerability Database for a comprehensive list of affected software configurations.
What should I do if I'm affected?
If you're affected by the vulnerability, it's crucial to take action to protect your systems. First, check for updates or patches provided by the software vendor and apply them promptly. If you're using Jenkins with HTTP/2 enabled, upgrade to Jenkins 2.428 or Jenkins LTS 2.414.3 to fix the issue. For other affected software, follow the vendor's instructions or discontinue use if no mitigations are available.
Is CVE-2023-44487 in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-44487 vulnerability, also known as the HTTP/2 Rapid Reset Attack Vulnerability, is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It was added on October 10, 2023, with a due date of October 31, 2023. To address this high-severity issue, organizations should apply mitigations as per vendor instructions or discontinue the use of affected products if no mitigations are available.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as CWE-400, which is an issue causing uncontrolled resource consumption in various HTTP/2 implementations, leading to denial of service attacks.
For more details
CVE-2023-44487, the HTTP/2 Rapid Reset Attack Vulnerability, poses a significant risk to a wide range of systems and applications. To safeguard against this high-severity issue, it's crucial to stay informed, apply necessary updates, and follow vendor instructions. For a comprehensive understanding of the vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2023-44487 Report - Details, Severity, & Advisories
Twingate Team
•
Apr 17, 2024
CVE-2023-44487 is a high-severity vulnerability affecting the HTTP/2 protocol, which can lead to denial of service attacks due to rapid resetting of many streams. This issue has been exploited in the wild and impacts a wide range of systems and applications that implement or rely on the HTTP/2 protocol. Some affected systems include Apache Trafficserver, Jenkins, and various open-source implementations. It's important to stay informed and apply necessary updates to protect against this vulnerability.
How do I know if I'm affected?
To determine if you're affected by the vulnerability, you should check if you're using any of the impacted software versions. Some affected versions include nghttp2 up to 1.56.1, Netty up to 4.1.99, Envoy 1.24.10, 1.25.9, 1.26.4, and 1.27.0, Eclipse Jetty up to 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Caddy up to 2.7.4, and Golang up to 1.20.9, among others. Additionally, Jenkins instances that enable HTTP/2 are vulnerable, typically when using the --http2Port argument. Note that this is a simplified explanation, and you should consult the National Vulnerability Database for a comprehensive list of affected software configurations.
What should I do if I'm affected?
If you're affected by the vulnerability, it's crucial to take action to protect your systems. First, check for updates or patches provided by the software vendor and apply them promptly. If you're using Jenkins with HTTP/2 enabled, upgrade to Jenkins 2.428 or Jenkins LTS 2.414.3 to fix the issue. For other affected software, follow the vendor's instructions or discontinue use if no mitigations are available.
Is CVE-2023-44487 in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-44487 vulnerability, also known as the HTTP/2 Rapid Reset Attack Vulnerability, is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It was added on October 10, 2023, with a due date of October 31, 2023. To address this high-severity issue, organizations should apply mitigations as per vendor instructions or discontinue the use of affected products if no mitigations are available.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as CWE-400, which is an issue causing uncontrolled resource consumption in various HTTP/2 implementations, leading to denial of service attacks.
For more details
CVE-2023-44487, the HTTP/2 Rapid Reset Attack Vulnerability, poses a significant risk to a wide range of systems and applications. To safeguard against this high-severity issue, it's crucial to stay informed, apply necessary updates, and follow vendor instructions. For a comprehensive understanding of the vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.