HomePentest-Tools.com Logo

HTTP/2 - Denial Of Service CVE-2023-44487

Severity
CVSSv3 Score
7.5
Vulnerability description

HTTP/2 network protocol is vulnerable to CVE-2023-44487, a Denial of Service vulnerability that can be leveraged to achieve service failure. The root cause of this vulnerability is the improper handling of HTTP/2 requests. This vulnerability allows an unauthenticated remote attacker to interact with the HTTP/2 protocol in order to cause a Denial of Service attack.

Risk description

The risk exists that an unauthenticated remote attacker could cause a Denial of Service attack.

Recommendation

Use the settings provided by the vendor of the server where your HTTP/2 network protocol is running.

Codename
Rapid Reset
Detectable with
Network Scanner
Scan engine
Sniper
Exploitable with Sniper
No
CVE Published
Oct 10, 2023
Detection added at
Software Type
HTTP Protocol
Vendor
Not available
Product
Not available