#VU79114 Resource exhaustion in Undertow - CVE-2023-3223


Vulnerability identifier: #VU79114

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-3223

CWE-ID: CWE-400

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Undertow
Server applications / Web servers

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources by servlets annotated with @MultipartConfig. A remote attacker can send a large multipart content to the server, consume all available memory resources and perform a denial of service (DoS) attack.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Undertow: All versions

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2209689

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Fuse 7.13
Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 7
Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.4
Multiple vulnerabilities in Red Hat Fuse 7.12
Multiple vulnerabilities in Red Hat Single Sign-On 7.6
Red Hat Single Sign-On 7.6.5 security update on RHEL 7
Red Hat Single Sign-On 7.6.5 security update on RHEL 8
Red Hat Single Sign-On 7.6.5 security update on RHEL 9