7.5

CVE-2023-47633

Exploit

Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TraefikTraefik Version <= 2.10.5
TraefikTraefik Version3.0.0 Updatebeta1
TraefikTraefik Version3.0.0 Updatebeta2
TraefikTraefik Version3.0.0 Updatebeta3
TraefikTraefik Version3.0.0 Updatebeta4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.27% 0.66
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

https://github.com/traefik/traefik/releases/tag/v2.10.6
Release Notes
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5
Release Notes
https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p
Third Party Advisory
Exploit