ID

VAR-202310-0175


CVE

CVE-2023-44487


TITLE

Debian Security Advisory 5558-1

Trust: 0.1

sources: PACKETSTORM: 175807

DESCRIPTION

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5558-1 security@debian.org https://www.debian.org/security/ Markus Koschany November 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : netty CVE ID : CVE-2023-34462 CVE-2023-44487 Debian Bug : 1038947 1054234 Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework. CVE-2023-34462 It might be possible for a remote peer to send a client hello packet during a TLS handshake which lead the server to buffer up to 16 MB of data per connection. This problem is also known as Rapid Reset Attack. For the oldstable distribution (bullseye), these problems have been fixed in version 1:4.1.48-4+deb11u2. For the stable distribution (bookworm), these problems have been fixed in version 1:4.1.48-7+deb12u1. We recommend that you upgrade your netty packages. For the detailed security status of netty please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netty Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97 UNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0 eamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH 1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB eAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g SUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza Da8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1 g6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom rrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0 P3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg O6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI= =4ExT -----END PGP SIGNATURE----- . It releases an updated versions of the Kernel Module Management bringing it to v1.1.2 As part of this it updates the following container images that constitute the Kernel Module Management Operator: kernel-module-management-signing kernel-module-management-operator kernel-module-management-worker kernel-module-management-hub-operator kernel-module-management-must-gather kernel-module-management-hub-operator-bundle kernel-module-management-operator-bundle Description: kernel module management is Red Hat's operator designed to load and manage out-of-tree kernel modules and device plugins for Red Hat OpenShift Container Platform. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. ========================================================================== Ubuntu Security Notice USN-6438-2 October 25, 2023 .Net regressions ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 Summary: An incomplete fix was discovered in .Net. Software Description: - dotnet6: dotNET CLI tools and runtime - dotnet7: dotNET CLI tools and runtime Details: USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799) It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: aspnetcore-runtime-6.0 6.0.124-0ubuntu1~23.10.1 aspnetcore-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-host 6.0.124-0ubuntu1~23.10.1 dotnet-host-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-runtime-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-sdk-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-sdk-7.0 7.0.113-0ubuntu1~23.10.1 dotnet6 6.0.124-0ubuntu1~23.10.1 dotnet7 7.0.113-0ubuntu1~23.10.1 In general, a standard system update will make all the necessary changes. Description: Release of Red Hat build of OptaPlanner 8.38.0 SP2. The purpose of this text-only erratum is to inform you about the security issues fixed. The following data is constructed from data provided by Red Hat's json file at: https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5920.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.4 security update Advisory ID: RHSA-2023:5920-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2023:5920 Issue date: 2023-10-19 Revision: 01 CVE Names: CVE-2023-44487 ==================================================================== Summary: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Security Fix(es): * undertow/netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (CVE-2023-44487) A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section. For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section. Solution: https://access.redhat.com/articles/11258 CVEs: CVE-2023-44487 References: https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/ . Description: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Description: Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up

Trust: 1.8

sources: NVD: CVE-2023-44487 // PACKETSTORM: 175807 // PACKETSTORM: 175756 // PACKETSTORM: 175345 // PACKETSTORM: 175437 // PACKETSTORM: 175282 // PACKETSTORM: 175330 // PACKETSTORM: 175244 // PACKETSTORM: 175229 // PACKETSTORM: 175234 // PACKETSTORM: 175231

AFFECTED PRODUCTS

vendor:f5model:big-ip link controllerscope:lteversion:13.1.5

Trust: 1.0

vendor:ciscomodel:secure dynamic attributes connectorscope:ltversion:2.2.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:run once duration override operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:13.1.5

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.6

Trust: 1.0

vendor:ciscomodel:unified contact center enterprise - live data serverscope:ltversion:12.6.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:ceph storagescope:eqversion:5.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.2.20

Trust: 1.0

vendor:akkamodel:http serverscope:ltversion:10.5.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:openshift service meshscope:eqversion:2.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:advanced cluster securityscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:traefikmodel:traefikscope:eqversion:3.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:9.0.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:13.1.5

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:9.0.80

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:cryostatscope:eqversion:2.0

Trust: 1.0

vendor:ciscomodel:prime network registrarscope:ltversion:11.2

Trust: 1.0

vendor:microsoftmodel:windows 10 1809scope:ltversion:10.0.17763.4974

Trust: 1.0

vendor:ietfmodel:httpscope:eqversion:2.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:13.1.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:37

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip next service proxy for kubernetesscope:lteversion:1.8.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:14.1.5

Trust: 1.0

vendor:redhatmodel:service telemetry frameworkscope:eqversion:1.5

Trust: 1.0

vendor:ciscomodel:ultra cloud core - serving gateway functionscope:ltversion:2024.02.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:10.4\(2\)

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:15.1.10

Trust: 1.0

vendor:ciscomodel:secure web appliancescope:ltversion:15.1.0

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.24.10

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:13.1.0

Trust: 1.0

vendor:siemensmodel:ruggedcom ape1808scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:13.1.0

Trust: 1.0

vendor:ciscomodel:ios xrscope:ltversion:7.11.2

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:10.1.0

Trust: 1.0

vendor:microsoftmodel:windows 11 22h2scope:ltversion:10.0.22621.2428

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:14.1.5

Trust: 1.0

vendor:microsoftmodel:windows server 2022scope:eqversion: -

Trust: 1.0

vendor:golangmodel:goscope:ltversion:1.20.10

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:self node remediation operatorscope:eqversion: -

Trust: 1.0

vendor:golangmodel:goscope:gteversion:1.21.0

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:openshift sandboxed containersscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:build of quarkusscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:17.1.0

Trust: 1.0

vendor:ciscomodel:expresswayscope:ltversion:x14.3.3

Trust: 1.0

vendor:redhatmodel:openshift serverlessscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:openshift secondary scheduler operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:16.1

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:16.1.0

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.17.6

Trust: 1.0

vendor:ciscomodel:unified contact center management portalscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:.netscope:gteversion:6.0.0

Trust: 1.0

vendor:redhatmodel:integration service registryscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:13.1.0

Trust: 1.0

vendor:grpcmodel:grpcscope:ltversion:1.58.3

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:migration toolkit for containersscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:openshift distributed tracingscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:15.1.10

Trust: 1.0

vendor:microsoftmodel:.netscope:gteversion:7.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:9.2.3

Trust: 1.0

vendor:redhatmodel:openshift dev spacesscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:network observability operatorscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinec nmsscope:ltversion:3.0

Trust: 1.0

vendor:ciscomodel:ultra cloud core - session management functionscope:ltversion:2024.02.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:cert-manager operator for red hat openshiftscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:15.1.10

Trust: 1.0

vendor:redhatmodel:jboss core servicesscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:10.4\(1\)

Trust: 1.0

vendor:apachemodel:tomcatscope:eqversion:11.0.0

Trust: 1.0

vendor:redhatmodel:openshift container platform assisted installerscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:machine deletion remediation operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:14.1.5

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:14.1.0

Trust: 1.0

vendor:traefikmodel:traefikscope:ltversion:2.10.5

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:web terminalscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:migration toolkit for virtualizationscope:eqversion: -

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.25.9

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:17.1.0

Trust: 1.0

vendor:redhatmodel:logging subsystem for red hat openshiftscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinec insscope:ltversion:1.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:14.1.0

Trust: 1.0

vendor:amazonmodel:opensearch data prepperscope:ltversion:2.5.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:lteversion:2.4.2

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:redhatmodel:openshift developer tools and servicesscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:eqversion:17.1.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:8.1.9

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:migration toolkit for applicationsscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:build of optaplannerscope:eqversion:8.0

Trust: 1.0

vendor:microsoftmodel:windows 11 21h2scope:ltversion:10.0.22000.2538

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:14.1.5

Trust: 1.0

vendor:kazu yamamotomodel:http2scope:ltversion:4.2.2

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:16.1.4

Trust: 1.0

vendor:redhatmodel:openshift api for data protectionscope:eqversion: -

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:10.1.13

Trust: 1.0

vendor:siemensmodel:siplus s7-1500 cpu 1518-4 pn\/dp mfpscope:gteversion:3.1.5

Trust: 1.0

vendor:redhatmodel:advanced cluster management for kubernetesscope:eqversion:2.0

Trust: 1.0

vendor:microsoftmodel:cbl-marinerscope:ltversion:2023-10-11

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:12.0.2

Trust: 1.0

vendor:ciscomodel:iot field network directorscope:ltversion:4.11.0

Trust: 1.0

vendor:redhatmodel:jboss data gridscope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:16.1.4

Trust: 1.0

vendor:linkerdmodel:linkerdscope:gteversion:2.12.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:15.1.10

Trust: 1.0

vendor:ciscomodel:enterprise chat and emailscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:6.0.0

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:12.0.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.7.5

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:16.2

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:10.3\(5\)

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:data center network managerscope:eqversion: -

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:11.0.17

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:lteversion:14.1.5

Trust: 1.0

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:node healthcheck operatorscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:13.1.5

Trust: 1.0

vendor:grpcmodel:grpcscope:eqversion:1.57.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:17.1.0

Trust: 1.0

vendor:golangmodel:goscope:ltversion:1.21.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:16.1.4

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:gteversion:6.0.0

Trust: 1.0

vendor:istiomodel:istioscope:gteversion:1.18.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.13.1

Trust: 1.0

vendor:redhatmodel:openshift pipelinesscope:eqversion: -

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:11.0.0

Trust: 1.0

vendor:f5model:nginxscope:lteversion:1.25.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:nginx plusscope:eqversion:r29

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:13.1.5

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.13.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:17.1.0

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:gteversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:15.1.10

Trust: 1.0

vendor:apachemodel:solrscope:ltversion:9.4.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:18.18.2

Trust: 1.0

vendor:redhatmodel:support for spring bootscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ultra cloud core - policy control functionscope:ltversion:2024.01.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dp mfpscope:gteversion:3.1.5

Trust: 1.0

vendor:ciscomodel:crosswork data gatewayscope:ltversion:4.1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:13.1.0

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:9.0.0

Trust: 1.0

vendor:redhatmodel:jboss fusescope:eqversion:6.0.0

Trust: 1.0

vendor:redhatmodel:satellitescope:eqversion:6.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:14.1.5

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:9.4.53

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:lteversion:14.1.5

Trust: 1.0

vendor:netappmodel:astra control centerscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:17.1.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:gteversion:10.3\(1\)

Trust: 1.0

vendor:redhatmodel:openshift data sciencescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:jboss fusescope:eqversion:7.0.0

Trust: 1.0

vendor:microsoftmodel:windows 10 21h2scope:ltversion:10.0.19044.3570

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:nginxscope:gteversion:1.9.5

Trust: 1.0

vendor:redhatmodel:certification for red hat enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.4

Trust: 1.0

vendor:f5model:nginx plusscope:eqversion:r30

Trust: 1.0

vendor:microsoftmodel:.netscope:ltversion:6.0.23

Trust: 1.0

vendor:redhatmodel:openstack platformscope:eqversion:17.1

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:openshift gitopsscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:process automationscope:eqversion:7.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:ltversion:20.8.1

Trust: 1.0

vendor:redhatmodel:node maintenance operatorscope:eqversion: -

Trust: 1.0

vendor:grpcmodel:grpcscope:lteversion:1.59.2

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:redhatmodel:integration camel kscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:17.1.0

Trust: 1.0

vendor:varnish cachemodel:varnish cachescope:ltversion:2023-10-10

Trust: 1.0

vendor:siemensmodel:sinec insscope:eqversion:1.0

Trust: 1.0

vendor:grpcmodel:grpcscope:gteversion:1.58.0

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.18.3

Trust: 1.0

vendor:nghttp2model:nghttp2scope:ltversion:1.57.0

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip websafescope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:azure kubernetes servicescope:ltversion:2023-10-08

Trust: 1.0

vendor:ciscomodel:prime cable provisioningscope:ltversion:7.2.1

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.26.4

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:13.1.5

Trust: 1.0

vendor:caddyservermodel:caddyscope:ltversion:2.7.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:nginx plusscope:gteversion:r25

Trust: 1.0

vendor:ciscomodel:ios xescope:ltversion:17.15.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip nextscope:eqversion:20.0.1

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:16.1.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip next service proxy for kubernetesscope:gteversion:1.5.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:lteversion:14.1.5

Trust: 1.0

vendor:ciscomodel:crosswork zero touch provisioningscope:ltversion:6.0.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.14.0

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:ltversion:6.0.23

Trust: 1.0

vendor:ciscomodel:unified contact center enterprisescope:eqversion: -

Trust: 1.0

vendor:facebookmodel:proxygenscope:ltversion:2023.10.16.00

Trust: 1.0

vendor:ciscomodel:connected mobile experiencesscope:ltversion:11.1

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:9.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:15.1.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.6.8

Trust: 1.0

vendor:denamodel:h2oscope:ltversion:2023-10-10

Trust: 1.0

vendor:golangmodel:http2scope:ltversion:0.17.0

Trust: 1.0

vendor:ciscomodel:crosswork situation managerscope:eqversion: -

Trust: 1.0

vendor:istiomodel:istioscope:gteversion:1.19.0

Trust: 1.0

vendor:f5model:big-ip application visibility and reportingscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:13.1.0

Trust: 1.0

vendor:redhatmodel:decision managerscope:eqversion:7.0

Trust: 1.0

vendor:f5model:nginx plusscope:ltversion:r29

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:lteversion:15.1.10

Trust: 1.0

vendor:istiomodel:istioscope:ltversion:1.19.1

Trust: 1.0

vendor:ciscomodel:prime infrastructurescope:ltversion:3.10.4

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:lteversion:3.3.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:16.1.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.4.2

Trust: 1.0

vendor:redhatmodel:quayscope:eqversion:3.0.0

Trust: 1.0

vendor:nettymodel:nettyscope:ltversion:4.1.100

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:13.1.0

Trust: 1.0

vendor:apachemodel:tomcatscope:gteversion:8.5.0

Trust: 1.0

vendor:redhatmodel:cost managementscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:jboss a-mq streamsscope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:16.1.0

Trust: 1.0

vendor:redhatmodel:service interconnectscope:eqversion:1.0

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:18.0.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:eqversion:2.14.1

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:12.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:gteversion:3.0.0

Trust: 1.0

vendor:applemodel:swiftnio http\/2scope:ltversion:1.28.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:gteversion:17.7

Trust: 1.0

vendor:golangmodel:networkingscope:ltversion:0.17.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:13.1.0

Trust: 1.0

vendor:microsoftmodel:windows 10 22h2scope:ltversion:10.0.19045.3570

Trust: 1.0

vendor:netappmodel:oncommand insightscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:prime access registrarscope:ltversion:9.3.3

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:lteversion:13.1.5

Trust: 1.0

vendor:redhatmodel:ansible automation platformscope:eqversion:2.0

Trust: 1.0

vendor:jenkinsmodel:jenkinsscope:lteversion:2.414.2

Trust: 1.0

vendor:ciscomodel:unified contact center domain managerscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:fence agents remediation operatorscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence video communication serverscope:ltversion:x14.3.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:lteversion:14.1.5

Trust: 1.0

vendor:microsoftmodel:windows 10 1607scope:ltversion:10.0.14393.6351

Trust: 1.0

vendor:nodejsmodel:node.jsscope:gteversion:20.0.0

Trust: 1.0

vendor:f5model:nginx ingress controllerscope:gteversion:2.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:8.0.0

Trust: 1.0

vendor:linkerdmodel:linkerdscope:lteversion:2.12.5

Trust: 1.0

vendor:redhatmodel:integration camel for spring bootscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:unified attendant console advancedscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:.netscope:ltversion:7.0.12

Trust: 1.0

vendor:linecorpmodel:armeriascope:ltversion:1.26.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.1.0

Trust: 1.0

vendor:openrestymodel:openrestyscope:ltversion:1.21.4.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:certification for red hat enterprise linuxscope:eqversion:9.0

Trust: 1.0

vendor:konghqmodel:kong gatewayscope:ltversion:3.4.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4 pn\/dp mfpscope:gteversion:3.1.5

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:lteversion:14.1.5

Trust: 1.0

vendor:f5model:big-ip websafescope:lteversion:14.1.5

Trust: 1.0

vendor:jenkinsmodel:jenkinsscope:lteversion:2.427

Trust: 1.0

vendor:envoyproxymodel:envoyscope:eqversion:1.27.0

Trust: 1.0

vendor:redhatmodel:openshift virtualizationscope:eqversion:4

Trust: 1.0

vendor:ciscomodel:crosswork data gatewayscope:gteversion:5.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:lteversion:16.1.4

Trust: 1.0

vendor:ciscomodel:business process automationscope:ltversion:3.2.003.009

Trust: 1.0

vendor:redhatmodel:single sign-onscope:eqversion:7.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip link controllerscope:lteversion:15.1.10

Trust: 1.0

vendor:ciscomodel:crosswork data gatewayscope:ltversion:5.0.2

Trust: 1.0

vendor:microsoftmodel:asp.net corescope:ltversion:7.0.12

Trust: 1.0

vendor:ciscomodel:ultra cloud core - policy control functionscope:eqversion:2024.01.0

Trust: 1.0

vendor:microsoftmodel:visual studio 2022scope:ltversion:17.4.12

Trust: 1.0

vendor:redhatmodel:advanced cluster securityscope:eqversion:3.0

Trust: 1.0

vendor:siemensmodel:st7 scadaconnectscope:ltversion:1.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:openshiftscope:eqversion: -

Trust: 1.0

vendor:projectcontourmodel:contourscope:ltversion:2023-10-11

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:gteversion:14.1.0

Trust: 1.0

vendor:ciscomodel:fog directorscope:ltversion:1.22

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:15.1.0

Trust: 1.0

vendor:redhatmodel:jboss a-mqscope:eqversion:7

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:15.1.0

Trust: 1.0

vendor:eclipsemodel:jettyscope:ltversion:10.0.17

Trust: 1.0

vendor:apachemodel:tomcatscope:lteversion:8.5.93

Trust: 1.0

vendor:f5model:big-ip carrier-grade natscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:13.1.0

Trust: 1.0

vendor:grpcmodel:grpcscope:ltversion:1.56.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:lteversion:15.1.10

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:17.1.0

Trust: 1.0

vendor:f5model:big-ip ssl orchestratorscope:gteversion:15.1.0

Trust: 1.0

vendor:apachemodel:apisixscope:ltversion:3.6.1

Trust: 1.0

vendor:eclipsemodel:jettyscope:gteversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:eqversion:17.1.0

Trust: 1.0

vendor:ciscomodel:nx-osscope:ltversion:10.2\(7\)

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:3scale api management platformscope:eqversion:2.0

Trust: 1.0

vendor:redhatmodel:openshift container platformscope:eqversion:4.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:38

Trust: 1.0

vendor:f5model:big-ip advanced web application firewallscope:lteversion:16.1.4

Trust: 1.0

vendor:ciscomodel:secure malware analyticsscope:ltversion:2.19.2

Trust: 1.0

vendor:f5model:big-ip ddos hybrid defenderscope:gteversion:15.1.0

Trust: 1.0

sources: NVD: CVE-2023-44487

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-44487
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2023-44487
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-44487
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: NVD: CVE-2023-44487 // NVD: CVE-2023-44487

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-400

Trust: 1.0

sources: NVD: CVE-2023-44487

THREAT TYPE

remote

Trust: 0.1

sources: PACKETSTORM: 175330

EXTERNAL IDS

db:NVDid:CVE-2023-44487

Trust: 2.0

db:SIEMENSid:SSA-082556

Trust: 1.0

db:SIEMENSid:SSA-341067

Trust: 1.0

db:SIEMENSid:SSA-832273

Trust: 1.0

db:SIEMENSid:SSA-784301

Trust: 1.0

db:SIEMENSid:SSA-915275

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/10/7

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/10/6

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2025/08/13/6

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/13/9

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/20/8

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/18/8

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/13/4

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/18/4

Trust: 1.0

db:OPENWALLid:OSS-SECURITY/2023/10/19/6

Trust: 1.0

db:PACKETSTORMid:175807

Trust: 0.1

db:PACKETSTORMid:175756

Trust: 0.1

db:PACKETSTORMid:175345

Trust: 0.1

db:PACKETSTORMid:175437

Trust: 0.1

db:PACKETSTORMid:175282

Trust: 0.1

db:PACKETSTORMid:175330

Trust: 0.1

db:PACKETSTORMid:175244

Trust: 0.1

db:PACKETSTORMid:175229

Trust: 0.1

db:PACKETSTORMid:175234

Trust: 0.1

db:PACKETSTORMid:175231

Trust: 0.1

sources: PACKETSTORM: 175807 // PACKETSTORM: 175756 // PACKETSTORM: 175345 // PACKETSTORM: 175437 // PACKETSTORM: 175282 // PACKETSTORM: 175330 // PACKETSTORM: 175244 // PACKETSTORM: 175229 // PACKETSTORM: 175234 // PACKETSTORM: 175231 // NVD: CVE-2023-44487

REFERENCES

url:http://www.openwall.com/lists/oss-security/2023/10/10/6

Trust: 2.0

url:https://bugzilla.redhat.com/show_bug.cgi?id=2242803

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2023-44487

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-44487

Trust: 1.0

url:https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/

Trust: 1.0

url:https://github.com/kong/kong/discussions/11741

Trust: 1.0

url:https://github.com/apache/httpd-site/pull/10

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/19/6

Trust: 1.0

url:https://my.f5.com/manage/s/article/k000137106

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-082556.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/

Trust: 1.0

url:https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73

Trust: 1.0

url:https://github.com/eclipse/jetty.project/issues/10679

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/

Trust: 1.0

url:https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/

Trust: 1.0

url:https://github.com/micrictor/http2-rst-stream

Trust: 1.0

url:https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0

Trust: 1.0

url:https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/

Trust: 1.0

url:https://aws.amazon.com/security/security-bulletins/aws-2023-011/

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html

Trust: 1.0

url:https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1

Trust: 1.0

url:https://github.com/advisories/ghsa-qppj-fm5r-hxr3

Trust: 1.0

url:https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/

Trust: 1.0

url:https://github.com/junkurihara/rust-rpxy/issues/97

Trust: 1.0

url:https://github.com/caddyserver/caddy/issues/5877

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/

Trust: 1.0

url:https://security.paloaltonetworks.com/cve-2023-44487

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/

Trust: 1.0

url:https://bugzilla.suse.com/show_bug.cgi?id=1216123

Trust: 1.0

url:https://www.phoronix.com/news/http2-rapid-reset-attack

Trust: 1.0

url:https://github.com/kubernetes/kubernetes/pull/121120

Trust: 1.0

url:https://security.gentoo.org/glsa/202311-09

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/20/8

Trust: 1.0

url:https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-915275.html

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240621-0006/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240426-0007/

Trust: 1.0

url:https://github.com/h2o/h2o/pull/3291

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5549

Trust: 1.0

url:https://github.com/advisories/ghsa-vx74-f528-fxqg

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5558

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/

Trust: 1.0

url:https://github.com/envoyproxy/envoy/pull/30055

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240621-0007/

Trust: 1.0

url:https://ubuntu.com/security/cve-2023-44487

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/

Trust: 1.0

url:https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244

Trust: 1.0

url:https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2

Trust: 1.0

url:https://github.com/apache/trafficserver/pull/10564

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5521

Trust: 1.0

url:https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/

Trust: 1.0

url:https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/18/4

Trust: 1.0

url:https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/

Trust: 1.0

url:https://github.com/bcdannyboy/cve-2023-44487

Trust: 1.0

url:https://groups.google.com/g/golang-announce/c/innxdtcjzvo

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/

Trust: 1.0

url:https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2023-44487

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2025/08/13/6

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/18/8

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/13/4

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html

Trust: 1.0

url:https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q

Trust: 1.0

url:https://github.com/grpc/grpc/releases/tag/v1.59.2

Trust: 1.0

url:https://github.com/arkrwn/poc/tree/main/cve-2023-44487

Trust: 1.0

url:https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61

Trust: 1.0

url:https://github.com/opensearch-project/data-prepper/issues/3474

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html

Trust: 1.0

url:https://github.com/varnishcache/varnish-cache/issues/3996

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/

Trust: 1.0

url:https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764

Trust: 1.0

url:https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487

Trust: 1.0

url:https://github.com/nghttp2/nghttp2/pull/1961

Trust: 1.0

url:https://netty.io/news/2023/10/10/4-1-100-final.html

Trust: 1.0

url:https://github.com/alibaba/tengine/issues/1872

Trust: 1.0

url:https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf

Trust: 1.0

url:https://github.com/ninenines/cowboy/issues/1615

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/

Trust: 1.0

url:https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html

Trust: 1.0

url:https://github.com/nodejs/node/pull/50121

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/

Trust: 1.0

url:https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5522

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/

Trust: 1.0

url:https://github.com/tempesta-tech/tempesta/issues/1986

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5540

Trust: 1.0

url:https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632

Trust: 1.0

url:https://github.com/facebook/proxygen/pull/466

Trust: 1.0

url:https://github.com/azure/aks/issues/3947

Trust: 1.0

url:https://github.com/apache/apisix/issues/10320

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/

Trust: 1.0

url:https://github.com/line/armeria/pull/5232

Trust: 1.0

url:https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088

Trust: 1.0

url:https://github.com/dotnet/announcements/issues/277

Trust: 1.0

url:https://news.ycombinator.com/item?id=37837043

Trust: 1.0

url:https://github.com/etcd-io/etcd/issues/16740

Trust: 1.0

url:https://www.debian.org/security/2023/dsa-5570

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/

Trust: 1.0

url:https://blog.vespa.ai/cve-2023-44487/

Trust: 1.0

url:https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/

Trust: 1.0

url:https://github.com/haproxy/haproxy/issues/2312

Trust: 1.0

url:https://github.com/oqtane/oqtane.framework/discussions/3367

Trust: 1.0

url:https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/

Trust: 1.0

url:https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125

Trust: 1.0

url:https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/

Trust: 1.0

url:https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/13/9

Trust: 1.0

url:https://github.com/grpc/grpc-go/pull/6703

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/

Trust: 1.0

url:https://news.ycombinator.com/item?id=37830998

Trust: 1.0

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-http2-reset-d8kf32vz

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-341067.html

Trust: 1.0

url:https://istio.io/latest/news/security/istio-security-2023-004/

Trust: 1.0

url:https://github.com/caddyserver/caddy/releases/tag/v2.7.5

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20231016-0001/

Trust: 1.0

url:https://github.com/openresty/openresty/issues/930

Trust: 1.0

url:https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/

Trust: 1.0

url:https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/

Trust: 1.0

url:https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack

Trust: 1.0

url:https://news.ycombinator.com/item?id=37831062

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/

Trust: 1.0

url:https://github.com/golang/go/issues/63417

Trust: 1.0

url:https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-832273.html

Trust: 1.0

url:https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/

Trust: 1.0

url:https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html

Trust: 1.0

url:https://github.com/akka/akka-http/issues/4323

Trust: 1.0

url:https://github.com/projectcontour/contour/pull/5826

Trust: 1.0

url:https://github.com/microsoft/cbl-mariner/pull/6381

Trust: 1.0

url:https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487

Trust: 1.0

url:https://github.com/kazu-yamamoto/http2/issues/93

Trust: 1.0

url:http://www.openwall.com/lists/oss-security/2023/10/10/7

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/

Trust: 1.0

url:https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113

Trust: 1.0

url:https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/

Trust: 1.0

url:https://bugzilla.proxmox.com/show_bug.cgi?id=4988

Trust: 1.0

url:https://github.com/advisories/ghsa-xpw8-rcwv-8f8p

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/

Trust: 1.0

url:https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html

Trust: 1.0

url:https://news.ycombinator.com/item?id=37830987

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/

Trust: 1.0

url:https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-784301.html

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/

Trust: 1.0

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487

Trust: 1.0

url:https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause

Trust: 1.0

url:https://access.redhat.com/security/vulnerabilities/rhsb-2023-003

Trust: 0.7

url:https://access.redhat.com/articles/11258

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.6

url:https://www.debian.org/security/faq

Trust: 0.2

url:https://www.debian.org/security/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2023-34462

Trust: 0.1

url:https://security-tracker.debian.org/tracker/netty

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:7218

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7218.json

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6120.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:6120

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-36478

Trust: 0.1

url:https://security-tracker.debian.org/tracker/jetty9

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5989

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5989.json

Trust: 0.1

url:https://launchpad.net/bugs/2040208

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6438-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dotnet6/6.0.124-0ubuntu1~23.10.1

Trust: 0.1

url:https://launchpad.net/bugs/2040207,

Trust: 0.1

url:https://ubuntu.com/security/cve-2023-36799)

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-6438-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-36799

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/dotnet7/7.0.113-0ubuntu1~23.10.1

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5956.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5956

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=rhbop&version=8.38.0.sp2

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5920

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5920.json

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5928.json

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5928

Trust: 0.1

url:https://access.redhat.com/security/updates/classification#critical

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2023:5924

Trust: 0.1

url:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5924.json

Trust: 0.1

sources: PACKETSTORM: 175807 // PACKETSTORM: 175756 // PACKETSTORM: 175345 // PACKETSTORM: 175437 // PACKETSTORM: 175282 // PACKETSTORM: 175330 // PACKETSTORM: 175244 // PACKETSTORM: 175229 // PACKETSTORM: 175234 // PACKETSTORM: 175231 // NVD: CVE-2023-44487

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 175756 // PACKETSTORM: 175345 // PACKETSTORM: 175282 // PACKETSTORM: 175244 // PACKETSTORM: 175229 // PACKETSTORM: 175234 // PACKETSTORM: 175231

SOURCES

db:PACKETSTORMid:175807
db:PACKETSTORMid:175756
db:PACKETSTORMid:175345
db:PACKETSTORMid:175437
db:PACKETSTORMid:175282
db:PACKETSTORMid:175330
db:PACKETSTORMid:175244
db:PACKETSTORMid:175229
db:PACKETSTORMid:175234
db:PACKETSTORMid:175231
db:NVDid:CVE-2023-44487

LAST UPDATE DATE

2026-06-30T22:41:13.719000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2023-44487date:2026-05-12T15:10:32.260

SOURCES RELEASE DATE

db:PACKETSTORMid:175807date:2023-11-20T16:25:51
db:PACKETSTORMid:175756date:2023-11-16T14:37:49
db:PACKETSTORMid:175345date:2023-10-26T14:33:31
db:PACKETSTORMid:175437date:2023-10-31T13:13:14
db:PACKETSTORMid:175282date:2023-10-24T15:50:17
db:PACKETSTORMid:175330date:2023-10-25T13:48:01
db:PACKETSTORMid:175244date:2023-10-20T14:35:20
db:PACKETSTORMid:175229date:2023-10-20T14:32:20
db:PACKETSTORMid:175234date:2023-10-20T14:33:16
db:PACKETSTORMid:175231date:2023-10-20T14:32:43
db:NVDid:CVE-2023-44487date:2023-10-10T14:15:10.883