Vulnerabilites related to redhat - migration_toolkit_for_applications
CVE-2022-4492 (GCVE-0-2022-4492)
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2025-03-12 14:34
Severity ?
EPSS score ?
Summary
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:41:45.097Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-4492", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230324-0002/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-4492", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-12T14:33:53.756138Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T14:34:50.123Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "undertow", vendor: "n/a", versions: [ { status: "affected", version: "2.7", }, ], }, ], descriptions: [ { lang: "en", value: "The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.", }, ], problemTypes: [ { descriptions: [ { description: "ssrf", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-24T00:00:00.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", }, { url: "https://access.redhat.com/security/cve/CVE-2022-4492", }, { url: "https://security.netapp.com/advisory/ntap-20230324-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-4492", datePublished: "2023-02-23T00:00:00.000Z", dateReserved: "2022-12-14T00:00:00.000Z", dateUpdated: "2025-03-12T14:34:50.123Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-6291 (GCVE-0-2023-6291)
Vulnerability from cvelistv5
Published
2024-01-26 14:23
Modified
2025-04-04 19:35
Severity ?
EPSS score ?
Summary
A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Red Hat | Red Hat build of Keycloak 22 |
Unaffected: 22.0.7-1 < * cpe:/a:redhat:build_keycloak:22::el9 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:28:21.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2023:7854", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7854", }, { name: "RHSA-2023:7855", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7855", }, { name: "RHSA-2023:7856", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7856", }, { name: "RHSA-2023:7857", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7857", }, { name: "RHSA-2023:7858", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7858", }, { name: "RHSA-2023:7860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7860", }, { name: "RHSA-2023:7861", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:7861", }, { name: "RHSA-2024:0798", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { name: "RHSA-2024:0799", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { name: "RHSA-2024:0800", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { name: "RHSA-2024:0801", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { name: "RHSA-2024:0804", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6291", }, { name: "RHBZ#2251407", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2251407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-6291", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T14:56:46.143772Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T14:56:59.598Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.7-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-6", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Single Sign-On 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.11-2.redhat_00003.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.11-2.redhat_00003.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.11-2.redhat_00003.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-38", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso7-rhel8-operator-bundle", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6.6-2", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-41", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6.6", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Single Sign-On 7.6.6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:6", ], defaultStatus: "affected", packageName: "keycloak", product: "Migration Toolkit for Applications 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Migration Toolkit for Applications 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:serverless:1", ], defaultStatus: "unaffected", packageName: "keycloak", product: "OpenShift Serverless", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_data_grid:8", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Data Grid 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_brms_platform:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Decision Manager 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_fuse:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Fuse 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_data_grid:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Data Grid 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unaffected", packageName: "rh-sso7-keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Process Automation 7", vendor: "Red Hat", }, ], datePublic: "2023-12-14T00:00:00.000Z", descriptions: [ { lang: "en", value: "A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-04T19:35:31.946Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2023:7854", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7854", }, { name: "RHSA-2023:7855", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7855", }, { name: "RHSA-2023:7856", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7856", }, { name: "RHSA-2023:7857", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7857", }, { name: "RHSA-2023:7858", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7858", }, { name: "RHSA-2023:7860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7860", }, { name: "RHSA-2023:7861", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:7861", }, { name: "RHSA-2024:0798", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { name: "RHSA-2024:0799", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { name: "RHSA-2024:0800", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { name: "RHSA-2024:0801", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { name: "RHSA-2024:0804", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6291", }, { name: "RHBZ#2251407", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2251407", }, ], timeline: [ { lang: "en", time: "2023-11-24T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-12-14T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: redirect_uri validation bypass", workarounds: [ { lang: "en", value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", }, ], x_redhatCweChain: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6291", datePublished: "2024-01-26T14:23:43.185Z", dateReserved: "2023-11-24T18:16:45.923Z", dateUpdated: "2025-04-04T19:35:31.946Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5
Published
2023-10-10 00:00
Modified
2025-03-07 18:15
Severity ?
EPSS score ?
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "http", vendor: "ietf", versions: [ { status: "affected", version: "2.0", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-44487", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T20:34:21.334116Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-10-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-44487", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-23T20:35:03.253Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-19T07:48:04.546Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { tags: [ "x_transferred", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { tags: [ "x_transferred", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { tags: [ "x_transferred", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { tags: [ "x_transferred", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { tags: [ "x_transferred", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37831062", }, { tags: [ "x_transferred", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { tags: [ "x_transferred", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { tags: [ "x_transferred", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { tags: [ "x_transferred", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { tags: [ "x_transferred", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { tags: [ "x_transferred", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { tags: [ "x_transferred", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { tags: [ "x_transferred", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { tags: [ "x_transferred", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37830987", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37830998", }, { tags: [ "x_transferred", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { tags: [ "x_transferred", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { tags: [ "x_transferred", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { tags: [ "x_transferred", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { tags: [ "x_transferred", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { tags: [ "x_transferred", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { tags: [ "x_transferred", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { tags: [ "x_transferred", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { tags: [ "x_transferred", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { tags: [ "x_transferred", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { tags: [ "x_transferred", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { tags: [ "x_transferred", ], url: "https://github.com/facebook/proxygen/pull/466", }, { tags: [ "x_transferred", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { tags: [ "x_transferred", ], url: "https://github.com/micrictor/http2-rst-stream", }, { tags: [ "x_transferred", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { tags: [ "x_transferred", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { tags: [ "x_transferred", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { tags: [ "x_transferred", ], url: "https://github.com/h2o/h2o/pull/3291", }, { tags: [ "x_transferred", ], url: "https://github.com/nodejs/node/pull/50121", }, { tags: [ "x_transferred", ], url: "https://github.com/dotnet/announcements/issues/277", }, { tags: [ "x_transferred", ], url: "https://github.com/golang/go/issues/63417", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { tags: [ "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { tags: [ "x_transferred", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { tags: [ "x_transferred", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { tags: [ "x_transferred", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { tags: [ "x_transferred", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { tags: [ "x_transferred", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37837043", }, { tags: [ "x_transferred", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { tags: [ "x_transferred", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { tags: [ "x_transferred", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { name: "DSA-5522", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { name: "DSA-5521", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { tags: [ "x_transferred", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { tags: [ "x_transferred", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { tags: [ "x_transferred", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { tags: [ "x_transferred", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { tags: [ "x_transferred", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { tags: [ "x_transferred", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { tags: [ "x_transferred", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/httpd-site/pull/10", }, { tags: [ "x_transferred", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { tags: [ "x_transferred", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { tags: [ "x_transferred", ], url: "https://github.com/line/armeria/pull/5232", }, { tags: [ "x_transferred", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { tags: [ "x_transferred", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://github.com/akka/akka-http/issues/4323", }, { tags: [ "x_transferred", ], url: "https://github.com/openresty/openresty/issues/930", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/apisix/issues/10320", }, { tags: [ "x_transferred", ], url: "https://github.com/Azure/AKS/issues/3947", }, { tags: [ "x_transferred", ], url: "https://github.com/Kong/kong/discussions/11741", }, { tags: [ "x_transferred", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { tags: [ "x_transferred", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { tags: [ "x_transferred", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { name: "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { tags: [ "x_transferred", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { tags: [ "x_transferred", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { name: "FEDORA-2023-ed2642fd58", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { tags: [ "x_transferred", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { name: "[oss-security] 20231018 Vulnerability in Jenkins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { name: "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { name: "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { name: "FEDORA-2023-54fadada12", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { name: "FEDORA-2023-5ff7bf1dd8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { name: "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { name: "FEDORA-2023-17efd3f2cd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { name: "FEDORA-2023-d5030c983c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { name: "FEDORA-2023-0259c3f26f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { name: "FEDORA-2023-2a9214af5f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { name: "FEDORA-2023-e9c04d81c1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { name: "FEDORA-2023-f66fc0f62a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { name: "FEDORA-2023-4d2fd884ea", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { name: "FEDORA-2023-b2c50535cb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { name: "FEDORA-2023-fe53e13b5b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { name: "FEDORA-2023-4bf641255e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { name: "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { name: "DSA-5540", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { name: "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { tags: [ "x_transferred", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { name: "FEDORA-2023-1caffb88af", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { name: "FEDORA-2023-3f70b8d406", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { name: "FEDORA-2023-7b52921cae", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { name: "FEDORA-2023-7934802344", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { name: "FEDORA-2023-dbe64661af", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { name: "FEDORA-2023-822aab0a5a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { name: "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { name: "DSA-5549", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { name: "FEDORA-2023-c0c6a91330", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { name: "FEDORA-2023-492b7be466", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { name: "DSA-5558", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { name: "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { name: "GLSA-202311-09", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202311-09", }, { name: "DSA-5570", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { url: "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-07T18:15:13.812Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { url: "https://news.ycombinator.com/item?id=37831062", }, { url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { url: "https://github.com/envoyproxy/envoy/pull/30055", }, { url: "https://github.com/haproxy/haproxy/issues/2312", }, { url: "https://github.com/eclipse/jetty.project/issues/10679", }, { url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { url: "https://github.com/alibaba/tengine/issues/1872", }, { url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { url: "https://news.ycombinator.com/item?id=37830987", }, { url: "https://news.ycombinator.com/item?id=37830998", }, { url: "https://github.com/caddyserver/caddy/issues/5877", }, { url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { url: "https://github.com/grpc/grpc-go/pull/6703", }, { url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { url: "https://my.f5.com/manage/s/article/K000137106", }, { url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { name: "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/7", }, { name: "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/6", }, { url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { url: "https://github.com/facebook/proxygen/pull/466", }, { url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { url: "https://github.com/micrictor/http2-rst-stream", }, { url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { url: "https://github.com/h2o/h2o/pull/3291", }, { url: "https://github.com/nodejs/node/pull/50121", }, { url: "https://github.com/dotnet/announcements/issues/277", }, { url: "https://github.com/golang/go/issues/63417", }, { url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { url: "https://github.com/apache/trafficserver/pull/10564", }, { url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { url: "https://news.ycombinator.com/item?id=37837043", }, { url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { name: "DSA-5522", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { name: "DSA-5521", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { url: "https://github.com/ninenines/cowboy/issues/1615", }, { url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { url: "https://blog.vespa.ai/cve-2023-44487/", }, { url: "https://github.com/etcd-io/etcd/issues/16740", }, { url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { url: "https://ubuntu.com/security/CVE-2023-44487", }, { url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { url: "https://github.com/apache/httpd-site/pull/10", }, { url: "https://github.com/projectcontour/contour/pull/5826", }, { url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { url: "https://github.com/line/armeria/pull/5232", }, { url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { url: "https://github.com/akka/akka-http/issues/4323", }, { url: "https://github.com/openresty/openresty/issues/930", }, { url: "https://github.com/apache/apisix/issues/10320", }, { url: "https://github.com/Azure/AKS/issues/3947", }, { url: "https://github.com/Kong/kong/discussions/11741", }, { url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { name: "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { name: "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { name: "FEDORA-2023-ed2642fd58", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { name: "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { name: "[oss-security] 20231018 Vulnerability in Jenkins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { name: "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { name: "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { name: "FEDORA-2023-54fadada12", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { name: "FEDORA-2023-5ff7bf1dd8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { name: "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { name: "FEDORA-2023-17efd3f2cd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { name: "FEDORA-2023-d5030c983c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { name: "FEDORA-2023-0259c3f26f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { name: "FEDORA-2023-2a9214af5f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { name: "FEDORA-2023-e9c04d81c1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { name: "FEDORA-2023-f66fc0f62a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { name: "FEDORA-2023-4d2fd884ea", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { name: "FEDORA-2023-b2c50535cb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { name: "FEDORA-2023-fe53e13b5b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { name: "FEDORA-2023-4bf641255e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { name: "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { name: "DSA-5540", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { name: "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { name: "FEDORA-2023-1caffb88af", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { name: "FEDORA-2023-3f70b8d406", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { name: "FEDORA-2023-7b52921cae", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { name: "FEDORA-2023-7934802344", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { name: "FEDORA-2023-dbe64661af", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { name: "FEDORA-2023-822aab0a5a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { name: "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { name: "DSA-5549", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { name: "FEDORA-2023-c0c6a91330", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { name: "FEDORA-2023-492b7be466", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { name: "DSA-5558", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { name: "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { name: "GLSA-202311-09", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { name: "DSA-5570", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { url: "https://github.com/grpc/grpc/releases/tag/v1.59.2", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-44487", datePublished: "2023-10-10T00:00:00.000Z", dateReserved: "2023-09-29T00:00:00.000Z", dateUpdated: "2025-03-07T18:15:13.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2025-03-12 15:15
Severity ?
Summary
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | build_of_quarkus | - | |
| redhat | integration_camel_for_spring_boot | - | |
| redhat | integration_camel_k | - | |
| redhat | integration_service_registry | - | |
| redhat | jboss_enterprise_application_platform | 7.0.0 | |
| redhat | jboss_fuse | 7.0.0 | |
| redhat | migration_toolkit_for_applications | 6.0 | |
| redhat | migration_toolkit_for_runtimes | - | |
| redhat | single_sign-on | 7.0 | |
| redhat | undertow | 2.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", matchCriteriaId: "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*", matchCriteriaId: "78698F40-0777-4990-822D-02E1B5D0E2C0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", matchCriteriaId: "B87C8AD3-8878-4546-86C2-BF411876648C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*", matchCriteriaId: "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "72A54BDA-311C-413B-8E4D-388AD65A170A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B40CCE4F-EA2C-453D-BB76-6388767E5C6D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", matchCriteriaId: "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_runtimes:-:*:*:*:*:*:*:*", matchCriteriaId: "F979A5E3-7FFB-45F1-9847-FFBAF0B12067", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:undertow:2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "E0FA5F7F-CCE8-4DF0-8F9D-516F72C30A45", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.", }, ], id: "CVE-2022-4492", lastModified: "2025-03-12T15:15:38.020", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:12.680", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-4492", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", }, { source: "secalert@redhat.com", url: "https://security.netapp.com/advisory/ntap-20230324-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-4492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2153260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230324-0002/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-26 15:15
Modified
2024-11-21 08:43
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Summary
A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", matchCriteriaId: "66A01C0F-CB27-4A62-9B86-C35CCD605AB6", versionEndExcluding: "22.0.7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", matchCriteriaId: "341E6313-20D5-44CB-9719-B20585DC5AD6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*", matchCriteriaId: "EA983F8C-3A06-450A-AEFF-9429DE9A3454", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", matchCriteriaId: "40449571-22F8-44FA-B57B-B43F71AB25E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:*", matchCriteriaId: "01B0F191-ADDB-4AAE-A5C5-5CC16909E64A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:*", matchCriteriaId: "FD75BCB4-F0E1-4C05-A2D7-001503C805C9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*", matchCriteriaId: "B02036DD-4489-480B-B7D4-4EB08952377B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*", matchCriteriaId: "C7E78C55-45B6-4E01-9773-D3468F8EA9C3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*", matchCriteriaId: "30E2CF79-2D56-48AB-952E-5DDAFE471073", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*", matchCriteriaId: "54E24055-813B-4E6D-94B7-FAD5F78B8537", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*", matchCriteriaId: "2DEC61BC-E699-456E-99B6-C049F2A5F23F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", matchCriteriaId: "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_applications:7.0:*:*:*:*:*:*:*", matchCriteriaId: "C6FE20CE-E1C9-4645-98B6-A22B81356642", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.", }, { lang: "es", value: "Se encontró un fallo en la lógica de validación de redirect_uri en Keycloak. Este problema puede permitir la omisión de hosts permitidos explícitamente. Un ataque exitoso puede provocar el robo de un token de acceso, lo que hace posible que el atacante se haga pasar por otros usuarios.", }, ], id: "CVE-2023-6291", lastModified: "2024-11-21T08:43:32.587", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.7, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-26T15:15:08.280", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7854", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7855", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7856", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7857", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7858", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7860", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7861", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-6291", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2251407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7854", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7860", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:7861", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-6291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2251407", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-10 14:15
Modified
2025-04-12 01:00
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
References
Impacted products
{ cisaActionDue: "2023-10-31", cisaExploitAdd: "2023-10-10", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "HTTP/2 Rapid Reset Attack Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", matchCriteriaId: "D5200E35-222B-42E0-83E0-5B702684D992", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*", matchCriteriaId: "C3BDC297-F023-4E87-8518-B84CCF9DD6A8", versionEndExcluding: "1.57.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*", matchCriteriaId: "D12D5257-7ED2-400F-9EF7-40E0D3650C2B", versionEndExcluding: "4.1.100", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*", matchCriteriaId: "1B058776-B5B7-4079-B0AF-23F40926DCEC", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*", matchCriteriaId: "6D565975-EFD9-467C-B6E3-1866A4EF17A4", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*", matchCriteriaId: "6D487271-1B5E-4F16-B0CB-A7B8908935C6", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*", matchCriteriaId: "BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "A4A6F189-6C43-462D-85C9-B0EBDA8A4683", versionEndExcluding: "9.4.53", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "C993C920-85C0-4181-A95E-5D965A670738", versionEndExcluding: "10.0.17", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "08E79A8E-E12C-498F-AF4F-1AAA7135661E", versionEndExcluding: "11.0.17", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "F138D800-9A3B-4C76-8A3C-4793083A1517", versionEndExcluding: "12.0.2", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*", matchCriteriaId: "6341DDDA-AD27-4087-9D59-0A212F0037B4", versionEndExcluding: "2.7.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", matchCriteriaId: "328120E4-C031-44B4-9BE5-03B0CDAA066F", versionEndExcluding: "1.20.10", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", matchCriteriaId: "5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A", versionEndExcluding: "1.21.3", versionStartIncluding: "1.21.0", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*", matchCriteriaId: "D7D2F801-6F65-4705-BCB9-D057EA54A707", versionEndExcluding: "0.17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*", matchCriteriaId: "801F25DA-F38C-4452-8E90-235A3B1A5FF0", versionEndExcluding: "0.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D93F04AD-DF14-48AB-9F13-8B2E491CF42E", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7522C760-7E07-406F-BF50-5656D5723C4F", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A7F605E-EB10-40FB-98D6-7E3A95E310BC", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "783E62F2-F867-48F1-B123-D1227C970674", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6603ED6A-3366-4572-AFCD-B3D4B1EC7606", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "88978E38-81D3-4EFE-8525-A300B101FA69", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0510296F-92D7-4388-AE3A-0D9799C2FC4D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D7698D6C-B1F7-43C1-BBA6-88E956356B3D", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "05E452AA-A520-4CBE-8767-147772B69194", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "596FC5D5-7329-4E39-841E-CAE937C02219", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "B3C7A168-F370-441E-8790-73014BCEC39F", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "CF16FD01-7704-40AB-ACB2-80A883804D22", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9167FEC1-2C37-4946-9657-B4E69301FB24", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "7B4B3442-E0C0-48CD-87AD-060E15C9801E", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "8FA85EC1-D91A-49DD-949B-2AF7AC813CA5", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "20662BB0-4C3D-4CF0-B068-3555C65DD06C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "59203EBF-C52A-45A1-B8DF-00E17E3EFB51", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9B88F9D1-B54B-40C7-A18A-26C4A071D7EC", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8F39403-C259-4D6F-9E9A-53671017EEDB", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "220F2D38-FA82-45EF-B957-7678C9FEDBC1", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5C698C1C-A3DD-46E2-B05A-12F2604E7F85", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "922AA845-530A-4B4B-9976-4CBC30C8A324", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F938EB43-8373-47EB-B269-C6DF058A9244", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1771493E-ACAA-477F-8AB4-25DB12F6AD6E", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "87670A74-34FE-45DF-A725-25B804C845B3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "C7E422F6-C4C2-43AC-B137-0997B5739030", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "CC3F710F-DBCB-4976-9719-CF063DA22377", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "88EDFCD9-775C-48FA-9CDA-2B04DA8D0612", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "67DB21AE-DF53-442D-B492-C4ED9A20B105", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "4C9FCBCB-9CE0-49E7-85C8-69E71D211912", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "112DFA85-90AD-478D-BD70-8C7C0C074F1B", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "DB704A1C-D8B7-48BB-A15A-C14DB591FE4A", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", matchCriteriaId: "21D51D9F-2840-4DEA-A007-D20111A1745C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC1D037-74D2-4F92-89AD-C90F6CBF440B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "CAEF3EA4-7D5A-4B44-9CE3-258AEC745866", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "2FBCE2D1-9D93-415D-AB2C-2060307C305A", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "8070B469-8CC4-4D2F-97D7-12D0ABB963C1", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", matchCriteriaId: "A326597E-725D-45DE-BEF7-2ED92137B253", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7B235A78-649B-46C5-B24B-AB485A884654", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "08B25AAB-A98C-4F89-9131-29E3A8C0ED23", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "98D2CE1E-DED0-470A-AA78-C78EF769C38E", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "C966FABA-7199-4F0D-AB8C-4590FE9D2FFF", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "BC36311E-BB00-4750-85C8-51F5A2604F07", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "A65D357E-4B40-42EC-9AAA-2B6CEF78C401", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "ABBD10E8-6054-408F-9687-B9BF6375CA09", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6018B01-048C-43BB-A78D-66910ED60CA9", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "83794B04-87E2-4CA9-81F5-BB820D0F5395", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D9EC2237-117F-43BD-ADEC-516CF72E04EF", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F70D4B6F-65CF-48F4-9A07-072DFBCE53D9", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "29563719-1AF2-4BB8-8CCA-A0869F87795D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "D24815DD-579A-46D1-B9F2-3BB2C56BC54D", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0A6E7035-3299-474F-8F67-945EA9A059D0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0360F76D-E75E-4B05-A294-B47012323ED9", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7A4607BF-41AC-4E84-A110-74E085FF0445", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "441CC945-7CA3-49C0-AE10-94725301E31D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*", matchCriteriaId: "969C4F14-F6D6-46D6-B348-FC1463877680", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*", matchCriteriaId: "41AD5040-1250-45F5-AB63-63F333D49BCC", versionEndIncluding: "1.8.2", versionStartIncluding: "1.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8257AA59-C14D-4EC1-B22C-DFBB92CBC297", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "37DB32BB-F4BA-4FB5-94B1-55C3F06749CF", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FFF5007E-761C-4697-8D34-C064DF0ABE8D", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "910441D3-90EF-4375-B007-D51120A60AB2", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "667EB77B-DA13-4BA4-9371-EE3F3A109F38", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "8A6F9699-A485-4614-8F38-5A556D31617E", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "5A90F547-97A2-41EC-9FDF-25F869F0FA38", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "E76E1B82-F1DC-4366-B388-DBDF16C586A0", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "660137F4-15A1-42D1-BBAC-99A1D5BB398B", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "C446827A-1F71-4FAD-9422-580642D26AD1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1932D32D-0E4B-4BBD-816F-6D47AB2E2F04", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "D47B7691-A95B-45C0-BAB4-27E047F3C379", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD1637D-0E42-4928-867A-BA0FDB6E8462", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "3A599F90-F66B-4DF0-AD7D-D234F328BD59", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3D1B2000-C3FE-4B4C-885A-A5076EB164E1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A", versionEndIncluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "57D92D05-C67D-437E-88F3-DCC3F6B0ED2F", versionEndIncluding: "14.1.5", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "ECCB8C30-861E-4E48-A5F5-30EE523C1FB6", versionEndIncluding: "15.1.10", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F", versionEndIncluding: "16.1.4", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8AB23AE6-245E-43D6-B832-933F8259F937", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", matchCriteriaId: "1188B4A9-2684-413C-83D1-E91C75AE0FCF", versionEndIncluding: "1.25.2", versionStartIncluding: "1.9.5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3337609D-5291-4A52-BC6A-6A8D4E60EB20", versionEndIncluding: "2.4.2", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6CF0ABD9-EB28-4966-8C31-EED7AFBF1527", versionEndIncluding: "3.3.0", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*", matchCriteriaId: "F291CB34-47A4-425A-A200-087CC295AEC8", versionEndExcluding: "r29", versionStartIncluding: "r25", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*", matchCriteriaId: "5892B558-EC3A-43FF-A1D5-B2D9F70796F0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", matchCriteriaId: "96BF2B19-52C7-4051-BA58-CAE6F912B72F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B", versionEndIncluding: "8.5.93", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34", versionEndIncluding: "9.0.80", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "0765CC3D-AB1A-4147-8900-EF4C105321F2", versionEndIncluding: "10.1.13", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*", matchCriteriaId: "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*", matchCriteriaId: "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", matchCriteriaId: "2AAD52CE-94F5-4F98-A027-9A7E68818CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", matchCriteriaId: "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", matchCriteriaId: "03A171AF-2EC8-4422-912C-547CDB58CAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*", matchCriteriaId: "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*", matchCriteriaId: "49350A6E-5E1D-45B2-A874-3B8601B3ADCC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*", matchCriteriaId: "5F50942F-DF54-46C0-8371-9A476DD3EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*", matchCriteriaId: "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*", matchCriteriaId: "98792138-DD56-42DF-9612-3BDC65EEC117", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*", matchCriteriaId: "08190072-3880-4EF5-B642-BA053090D95B", versionEndExcluding: "1.28.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", matchCriteriaId: "5F4CDEA9-CB47-4881-B096-DA896E2364F3", versionEndExcluding: "1.56.3", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "E65AF7BC-7DAE-408A-8485-FBED22815F75", versionEndIncluding: "1.59.2", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", matchCriteriaId: "DD868DDF-C889-4F36-B5E6-68B6D9EA48CC", versionEndExcluding: "1.58.3", versionStartIncluding: "1.58.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*", matchCriteriaId: "FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", matchCriteriaId: "4496821E-BD55-4F31-AD9C-A3D66CBBD6BD", versionEndExcluding: "6.0.23", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", matchCriteriaId: "8DF7ECF6-178D-433C-AA21-BAE9EF248F37", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", matchCriteriaId: "1C3418F4-B8BF-4666-BB39-C188AB01F45C", versionEndExcluding: "6.0.23", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", matchCriteriaId: "1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*", matchCriteriaId: "3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314", versionEndExcluding: "2023-10-08", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "16A8F269-E07E-402F-BFD5-60F3988A5EAF", versionEndExcluding: "17.2.20", versionStartIncluding: "17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8", versionEndExcluding: "17.4.12", versionStartIncluding: "17.4", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "DA5834D4-F52F-41C0-AA11-C974FFEEA063", versionEndExcluding: "17.6.8", versionStartIncluding: "17.6", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", matchCriteriaId: "2166106F-ACD6-4C7B-B0CC-977B83CC5F73", versionEndExcluding: "17.7.5", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", matchCriteriaId: "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F", versionEndExcluding: "10.0.14393.6351", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", matchCriteriaId: "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1", versionEndExcluding: "10.0.14393.6351", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", matchCriteriaId: "E500D59C-6597-45E9-A57B-BE26C0C231D3", versionEndExcluding: "10.0.17763.4974", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F9A643-90C6-489C-98A0-D2739CE72F86", versionEndExcluding: "10.0.19044.3570", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", matchCriteriaId: "1814619C-ED07-49E0-A50A-E28D824D43BC", versionEndExcluding: "10.0.19045.3570", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", matchCriteriaId: "100A27D3-87B0-4E72-83F6-7605E3F35E63", versionEndExcluding: "10.0.22000.2538", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", matchCriteriaId: "C6A36795-0238-45C9-ABE6-3DCCF751915B", versionEndExcluding: "10.0.22621.2428", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "DB79EE26-FC32-417D-A49C-A1A63165A968", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", matchCriteriaId: "821614DD-37DD-44E2-A8A4-FE8D23A33C3C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "C61F0294-5C7E-4DB2-8905-B85D0782F35F", versionEndExcluding: "18.18.2", versionStartIncluding: "18.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", matchCriteriaId: "69843DE4-4721-4F0A-A9B7-0F6DF5AAA388", versionEndExcluding: "20.8.1", versionStartIncluding: "20.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*", matchCriteriaId: "B25279EF-C406-4133-99ED-0492703E0A4E", versionEndExcluding: "2023-10-11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*", matchCriteriaId: "9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5", versionEndExcluding: "2023-10-10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*", matchCriteriaId: "9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C", versionEndExcluding: "2023.10.16.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", matchCriteriaId: "EDEB508E-0EBD-4450-9074-983DDF568AB4", versionEndExcluding: "3.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", matchCriteriaId: "93A1A748-6C71-4191-8A16-A93E94E2CDE4", versionEndExcluding: "8.1.9", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", matchCriteriaId: "4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A", versionEndExcluding: "9.2.3", versionStartIncluding: "9.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*", matchCriteriaId: "6F70360D-6214-46BA-AF82-6AB01E13E4E9", versionEndExcluding: "2.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DA759E-1AF8-49D3-A3FC-1B426C13CA82", versionEndExcluding: "4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF", versionEndExcluding: "1.17.6", vulnerable: true, }, { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "F0C8E760-C8D2-483A-BBD4-6A6D292A3874", versionEndExcluding: "1.18.3", versionStartIncluding: "1.18.0", vulnerable: true, }, { criteria: "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", matchCriteriaId: "5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7", versionEndExcluding: "1.19.1", versionStartIncluding: "1.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*", matchCriteriaId: "050AE218-3871-44D6-94DA-12D84C2093CB", versionEndExcluding: "2023-10-10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*", matchCriteriaId: "B36BFFB0-C0EC-4926-A1DB-0B711C846A68", versionEndExcluding: "2.10.5", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "376EAF9B-E994-4268-9704-0A45EA30270F", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "F3D08335-C291-4623-B80C-3B14C4D1FA32", vulnerable: true, }, { criteria: "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*", matchCriteriaId: "21033CEE-CEF5-4B0D-A565-4A6FC764AA6D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*", matchCriteriaId: "FC4C66B1-42C0-495D-AE63-2889DE0BED84", versionEndExcluding: "2023-10-11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "8633E263-F066-4DD8-A734-90207207A873", versionEndIncluding: "2.12.5", versionStartIncluding: "2.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "34A23BD9-A0F4-4D85-8011-EAC93C29B4E8", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "27ED3533-A795-422F-B923-68BE071DC00D", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "45F7E352-3208-4188-A5B1-906E00DF9896", vulnerable: true, }, { criteria: "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*", matchCriteriaId: "DF89A8AD-66FE-439A-B732-CAAB304D765B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*", matchCriteriaId: "A400C637-AF18-4BEE-B57C-145261B65DEC", versionEndExcluding: "1.26.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*", matchCriteriaId: "653A5B08-0D02-4362-A8B1-D00B24C6C6F2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*", matchCriteriaId: "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", matchCriteriaId: "F0FD736A-8730-446A-BA3A-7B608DB62B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F4C504B6-3902-46E2-82B7-48AEC9CDD48D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", matchCriteriaId: "7B4BE2D6-43C3-4065-A213-5DB1325DC78F", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*", matchCriteriaId: "1D54F5AE-61EC-4434-9D5F-9394A3979894", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", matchCriteriaId: "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*", matchCriteriaId: "4E37E1B3-6F68-4502-85D6-68333643BDFF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "6D5A7736-A403-4617-8790-18E46CB74DA6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "33F13B03-69BF-4A8B-A0A0-7F47FD857461", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "9393119E-F018-463F-9548-60436F104195", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*", matchCriteriaId: "DC45EE1E-2365-42D4-9D55-92FA24E5ED3A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E567CD9F-5A43-4D25-B911-B5D0440698F4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", matchCriteriaId: "68146098-58F8-417E-B165-5182527117C4", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "CB4D6790-63E5-4043-B8BE-B489D649061D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*", matchCriteriaId: "78698F40-0777-4990-822D-02E1B5D0E2C0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", matchCriteriaId: "B87C8AD3-8878-4546-86C2-BF411876648C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*", matchCriteriaId: "EF03BDE8-602D-4DEE-BA5B-5B20FDF47741", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", matchCriteriaId: "A58966CB-36AF-4E64-AB39-BE3A0753E155", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*", matchCriteriaId: "585BC540-073B-425B-B664-5EA4C00AFED6", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", matchCriteriaId: "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "CD354E32-A8B0-484C-B4C6-9FBCD3430D2D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "72A54BDA-311C-413B-8E4D-388AD65A170A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A305F012-544E-4245-9D69-1C8CD37748B1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B40CCE4F-EA2C-453D-BB76-6388767E5C6D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "EF93A27E-AA2B-4C2E-9B8D-FE7267847326", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "2B12A3A8-6456-481A-A0C9-524543FCC149", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", matchCriteriaId: "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*", matchCriteriaId: "4E22EBF9-AA0D-4712-9D69-DD97679CE835", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*", matchCriteriaId: "941B114C-FBD7-42FF-B1D8-4EA30E99102C", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "339CFB34-A795-49F9-BF6D-A00F3A1A4F63", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "8D044DBE-6F5A-4C53-828E-7B1A570CACFF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*", matchCriteriaId: "65203CA1-5225-4E55-A187-6454C091F532", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF8EFFB-5686-4F28-A68F-1A8854E098CE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*", matchCriteriaId: "5DA9B2E2-958B-478D-87D6-E5CDDCD44315", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*", matchCriteriaId: "B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", matchCriteriaId: "97321212-0E07-4CC2-A917-7B5F61AB9A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*", matchCriteriaId: "DF390236-3259-4C8F-891C-62ACC4386CD1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AAA300-691A-4957-8B69-F6888CC971B1", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", matchCriteriaId: "45937289-2D64-47CB-A750-5B4F0D4664A0", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*", matchCriteriaId: "B129311C-EB4B-4041-B85C-44D5E53FCAA3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "F1AB54DB-3FB4-41CB-88ED-1400FD22AB85", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", matchCriteriaId: "77675CB7-67D7-44E9-B7FF-D224B3341AA5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*", matchCriteriaId: "A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", matchCriteriaId: "9C877879-B84B-471C-80CF-0656521CA8AB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", matchCriteriaId: "E315FC5C-FF19-43C9-A58A-CF2A5FF13824", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "20A6B40D-F991-4712-8E30-5FE008505CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B1987BDA-0113-4603-B9BE-76647EB043F2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", matchCriteriaId: "848C92A9-0677-442B-8D52-A448F2019903", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*", matchCriteriaId: "6F564701-EDC1-43CF-BB9F-287D6992C6CB", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*", matchCriteriaId: "12B0CF2B-D1E1-4E20-846E-6F0D873499A9", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*", matchCriteriaId: "E8885C2C-7FB8-40CA-BCB9-B48C50BF2499", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*", matchCriteriaId: "9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*", matchCriteriaId: "A903C3AD-2D25-45B5-BF4A-A5BEB2286627", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*", matchCriteriaId: "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C2792650-851F-4820-B003-06A4BEA092D7", versionEndExcluding: "10.5.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*", matchCriteriaId: "9F6B63B9-F4C9-4A3F-9310-E0918E1070D1", versionEndExcluding: "3.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", matchCriteriaId: "E6FF5F80-A991-43D4-B49F-D843E2BC5798", versionEndIncluding: "2.414.2", vulnerable: true, }, { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", matchCriteriaId: "54D25DA9-12D0-4F14-83E6-C69D0293AAB9", versionEndIncluding: "2.427", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", matchCriteriaId: "8E1AFFB9-C717-4727-B0C9-5A0C281710E2", versionEndExcluding: "9.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", matchCriteriaId: "25C85001-E0AB-4B01-8EE7-1D9C77CD956E", versionEndExcluding: "1.21.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*", matchCriteriaId: "F98F9D27-6659-413F-8F29-4FDB0882AAC5", versionEndExcluding: "11.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C98BF315-C563-47C2-BAD1-63347A3D1008", versionEndExcluding: "4.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*", matchCriteriaId: "705CBA49-21C9-4400-B7B9-71CDF9F97D8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "AA2BE0F1-DD16-4876-8EBA-F187BD38B159", versionEndExcluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "796B6C58-2140-4105-A2A1-69865A194A75", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*", matchCriteriaId: "DEA99DC6-EA03-469F-A8BE-7F96FDF0B333", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*", matchCriteriaId: "6560DBF4-AFE6-4672-95DE-74A0B8F4170A", versionEndExcluding: "x14.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "84785919-796D-41E5-B652-6B5765C81D4A", versionEndExcluding: "7.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*", matchCriteriaId: "92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E", versionEndExcluding: "4.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD", versionEndExcluding: "9.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "4FE2F959-1084-48D1-B1F1-8182FC9862DD", versionEndExcluding: "7.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F", versionEndExcluding: "3.10.4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "1BB6B48E-EA36-40A0-96D0-AF909BEC1147", versionEndExcluding: "11.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*", matchCriteriaId: "2CBED844-7F94-498C-836D-8593381A9657", versionEndExcluding: "2.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510", versionEndExcluding: "2.19.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*", matchCriteriaId: "358FA1DC-63D3-49F6-AC07-9E277DD0D9DA", versionEndExcluding: "x14.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*", matchCriteriaId: "BFF2D182-7599-4B81-B56B-F44EDA1384C0", versionEndExcluding: "2024.01.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*", matchCriteriaId: "4868BCCA-24DE-4F24-A8AF-B3A545C0396E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*", matchCriteriaId: "194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A", versionEndExcluding: "2024.02.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*", matchCriteriaId: "BEC75F99-C7F0-47EB-9032-C9D3A42EBA20", versionEndExcluding: "2024.02.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "B6638F4E-16F7-447D-B755-52640BCB1C61", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "AC34F742-530E-4AB4-8AFC-D1E088E256B4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*", matchCriteriaId: "D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*", matchCriteriaId: "E22AD683-345B-4E16-BB9E-E9B1783E09AD", versionEndExcluding: "12.6.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*", matchCriteriaId: "D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*", matchCriteriaId: "2955BEE9-F567-4006-B96D-92E10FF84DB4", versionEndExcluding: "1.22", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "67502878-DB20-4410-ABA0-A1C5705064CD", versionEndExcluding: "17.15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "177DED2D-8089-4494-BDD9-7F84FC06CD5B", versionEndExcluding: "7.11.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54A29FD3-4128-4333-8445-A7DD04A6ECF6", versionEndExcluding: "15.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "67074526-9933-46B3-9FE3-A0BE73C5E8A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", versionEndExcluding: "10.2\\(7\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", versionEndExcluding: "10.3\\(5\\)", versionStartIncluding: "10.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", matchCriteriaId: "1C84D24C-2256-42AF-898A-221EBE9FE1E4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9", versionEndExcluding: "10.2\\(7\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0A236A0A-6956-4D79-B8E5-B2D0C79FAE88", versionEndExcluding: "10.3\\(5\\)", versionStartIncluding: "10.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", matchCriteriaId: "24CA1A59-2681-4507-AC74-53BD481099B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA5389A-8AD1-476E-983A-54DF573C30F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "C1B1A8F1-45B1-4E64-A254-7191FA93CB6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", matchCriteriaId: "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2FFD26-8255-4351-8594-29D2AEFC06EF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "61E10975-B47E-4F4D-8096-AEC7B7733612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "16C64136-89C2-443C-AF7B-BED81D3DE25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "182000E0-8204-4D8B-B7DE-B191AFE12E28", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "BDC208BC-7E19-48C6-A20E-A79A51B7362C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "084D0191-563B-4FF0-B589-F35DA118E1C6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "968390BC-B430-4903-B614-13104BFAE635", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", matchCriteriaId: "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAD21E-59EE-4CCE-8F1E-621D2EA50905", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "02C3CE6D-BD54-48B1-A188-8E53DA001424", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", matchCriteriaId: "498991F7-39D6-428C-8C7D-DD8DC72A0346", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "F7B90D36-5124-4669-8462-4EAF35B0F53D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", matchCriteriaId: "7D6EB963-E0F2-4A02-8765-AB2064BE19E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAAF99B-5406-4722-81FB-A91CBAC2DF41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "40D6DB7F-C025-4971-9615-73393ED61078", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "737C724A-B6CD-4FF7-96E0-EBBF645D660E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7067AEC7-DFC8-4437-9338-C5165D9A8F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "71D4CF15-B293-4403-A1A9-96AD3933BAEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCC1515-2DBE-4DF2-8E83-29A869170F36", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "7282AAFF-ED18-4992-AC12-D953C35EC328", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "360409CC-4172-4878-A76B-EA1C1F8C7A79", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", matchCriteriaId: "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "73F59A4B-AE92-4533-8EDC-D1DD850309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "492A2C86-DD38-466B-9965-77629A73814F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "1FB7AA46-4018-4925-963E-719E1037F759", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "D07B5399-44C7-468D-9D57-BB5B5E26CE50", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "B76FB64F-16F0-4B0B-B304-B46258D434BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", matchCriteriaId: "2E128053-834B-4DD5-A517-D14B4FC2B56F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "163743A1-09E7-4EC5-8ECA-79E4B9CE173B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CE340E4C-DC48-4FC8-921B-EE304DB5AE0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "C367BBE0-D71F-4CB5-B50E-72B033E73FE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "85E1D224-4751-4233-A127-A041068C804A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", matchCriteriaId: "BD31B075-01B1-429E-83F4-B999356A0EB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", matchCriteriaId: "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", matchCriteriaId: "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", }, { lang: "es", value: "El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023.", }, ], id: "CVE-2023-44487", lastModified: "2025-04-12T01:00:01.957", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-10-10T14:15:10.883", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/10/7", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/Azure/AKS/issues/3947", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/Kong/kong/discussions/11741", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/akka/akka-http/issues/4323", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/apisix/issues/10320", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/httpd-site/pull/10", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://github.com/dotnet/announcements/issues/277", }, { source: "cve@mitre.org", tags: [ "Product", "Release Notes", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/facebook/proxygen/pull/466", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/golang/go/issues/63417", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://github.com/grpc/grpc/releases/tag/v1.59.2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/h2o/h2o/pull/3291", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/line/armeria/pull/5232", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/micrictor/http2-rst-stream", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/nodejs/node/pull/50121", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/openresty/openresty/issues/930", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", "Vendor Advisory", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37830987", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Press/Media Coverage", ], url: "https://news.ycombinator.com/item?id=37830998", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37831062", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37837043", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/13/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/18/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/19/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/10/20/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.vespa.ai/cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1216123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/Azure/AKS/issues/3947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/Kong/kong/discussions/11741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-vx74-f528-fxqg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/akka/akka-http/issues/4323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/alibaba/tengine/issues/1872", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/apisix/issues/10320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/httpd-site/pull/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/apache/trafficserver/pull/10564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/bcdannyboy/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://github.com/caddyserver/caddy/issues/5877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://github.com/dotnet/announcements/issues/277", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Release Notes", ], url: "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/eclipse/jetty.project/issues/10679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/envoyproxy/envoy/pull/30055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/etcd-io/etcd/issues/16740", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/facebook/proxygen/pull/466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/golang/go/issues/63417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/grpc/grpc-go/pull/6703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/h2o/h2o/pull/3291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/haproxy/haproxy/issues/2312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/junkurihara/rust-rpxy/issues/97", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/kazu-yamamoto/http2/issues/93", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/kubernetes/kubernetes/pull/121120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/line/armeria/pull/5232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/micrictor/http2-rst-stream", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/microsoft/CBL-Mariner/pull/6381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/nghttp2/nghttp2/pull/1961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/ninenines/cowboy/issues/1615", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/nodejs/node/pull/50121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/openresty/openresty/issues/930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/opensearch-project/data-prepper/issues/3474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/oqtane/oqtane.framework/discussions/3367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/projectcontour/contour/pull/5826", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/tempesta-tech/tempesta/issues/1986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/varnishcache/varnish-cache/issues/3996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", "Vendor Advisory", ], url: "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://istio.io/latest/news/security/istio-security-2023-004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://my.f5.com/manage/s/article/K000137106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://netty.io/news/2023/10/10/4-1-100-Final.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37830987", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Press/Media Coverage", ], url: "https://news.ycombinator.com/item?id=37830998", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37831062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=37837043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202311-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20231016-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240426-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240621-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5521", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://www.debian.org/security/2023/dsa-5522", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Vendor Advisory", ], url: "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2023/10/10/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }