CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
59.2%
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | build_of_quarkus | - | cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:* |
redhat | decision_manager | 7.0 | cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:* |
redhat | fuse | 1.0.0 | cpe:2.3:a:redhat:fuse:1.0.0:*:*:*:*:*:*:* |
redhat | integration_camel_k | - | cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:* |
redhat | integration_service_registry | - | cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:* |
redhat | jboss_enterprise_application_platform | - | cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:* |
redhat | jboss_enterprise_application_platform_expansion_pack | - | cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:* |
redhat | openshift_application_runtimes | - | cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:* |
redhat | openstack_platform | 13.0 | cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:* |
redhat | process_automation | 7.0 | cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:* |
access.redhat.com/errata/RHSA-2023:1184
access.redhat.com/errata/RHSA-2023:1185
access.redhat.com/errata/RHSA-2023:1512
access.redhat.com/errata/RHSA-2023:1513
access.redhat.com/errata/RHSA-2023:1514
access.redhat.com/errata/RHSA-2023:1516
access.redhat.com/errata/RHSA-2023:2135
access.redhat.com/errata/RHSA-2023:3883
access.redhat.com/errata/RHSA-2023:3884
access.redhat.com/errata/RHSA-2023:3885
access.redhat.com/errata/RHSA-2023:3888
access.redhat.com/errata/RHSA-2023:3892
access.redhat.com/errata/RHSA-2023:3954
access.redhat.com/errata/RHSA-2023:4612
access.redhat.com/security/cve/CVE-2023-1108
bugzilla.redhat.com/show_bug.cgi?id=2174246
github.com/advisories/GHSA-m4mm-pg93-fv78
security.netapp.com/advisory/ntap-20231020-0002/
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
59.2%