7.5
CVE-2023-1108
- EPSS 2.56%
- Published 14.09.2023 15:15:08
- Last modified 21.11.2024 07:38:28
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
Data is provided by the National Vulnerability Database (NVD)
Redhat ≫ Build Of Quarkus Version-
Redhat ≫ Decision Manager Version7.0
Redhat ≫ Integration Camel K Version-
Redhat ≫ Integration Service Registry Version-
Redhat ≫ Jboss Enterprise Application Platform Version- SwEditiontext-only
Redhat ≫ Openshift Application Runtimes Version- SwEditiontext-only
Redhat ≫ Openstack Platform Version13.0
Redhat ≫ Process Automation Version7.0
Redhat ≫ Single Sign-on Version- SwEditiontext-only
Redhat ≫ Openshift Container Platform Version4.11
Redhat ≫ Openshift Container Platform Version4.12
Redhat ≫ Openshift Container Platform For Linuxone Version4.9
Redhat ≫ Openshift Container Platform For Linuxone Version4.10
Redhat ≫ Openshift Container Platform For Power Version4.9
Redhat ≫ Openshift Container Platform For Power Version4.10
Redhat ≫ Jboss Enterprise Application Platform Version7.4
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Single Sign-on Version7.6
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Netapp ≫ Oncommand Workflow Automation Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.56% | 0.85 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| secalert@redhat.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.