CVSS: 7.5EPSS: 81%CPEs: 444EXPL: 7CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 45EXPL: 2CVE-2013-3587
https://notcve.org/view.php?id=CVE-2013-3587
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929. El protocolo HTTPS, como es usado en aplicaciones web no especificadas, puede cifrar datos comprimidos sin ofuscar apropiadamente la longitud de los datos no cifrados, facilitando a atacantes de tipo "man-in-the-middle" obtener valores secretos en texto plano al observar las diferencias de longitud durante una serie de adivinaciones en las que una cadena en una URL de peticiones HTTP coincide potencialmente con una cadena desconocida en un cuerpo de respuesta HTTP, también se conoce como ataque "BREACH", un problema diferente de CVE-2012-4929. • http://breachattack.com http://github.com/meldium/breach-mitigation-rails http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407 http://slashdot.org/story/13/08/05/233216 http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf http://www.kb.cert.org/vuls/id/987798 https://bugzilla.redhat.com/show_bug.cgi?id=995168 https://hackerone.com/reports/254895 https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apach • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 0CVE-2014-4024
https://notcve.org/view.php?id=CVE-2014-4024
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack. Los servidores virtuales SSL en sistemas F5 BIG-IP, en versiones 10.x anteriores a la 10.2.4 HF9, versiones 11.x anteriores a la 11.2.1 HF12, versiones 11.3.0 anteriores a la HF10, versiones 11.4.0 anteriores a la HF8, versiones 11.4.1 anteriores a la HF5, versiones 11.5.0 anteriores a la HF5 y versiones 11.5.1 anteriores a la HF5, al emplearse con tarjetas de aceleración SSL (Secure Sockets Layer) de terceros, podrían permitir que atacantes remotos provoquen un impacto sin especificar mediante un ataque de sincronización de canal lateral. • https://exchange.xforce.ibmcloud.com/vulnerabilities/95834 https://support.f5.com/csp/article/K15500 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 176EXPL: 0CVE-2014-6031
https://notcve.org/view.php?id=CVE-2014-6031
Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors. Desbordamiento de buffer en el demonio mcpq en sistemas F5 BIG-IP, versiones 10.x anteriores a la 10.2.4 HF12, 11.x anteriores a la 11.2.1 HF15, 11.3.x, 11.4.x anteriores a la 11.4.1 HF9, 11.5.x anteriores a la 11.5.2 HF1 y 11.6.0 anteriores a la HF4 y Enterprise Manager, versiones de la 2.1.0 a la 2.3.0 y 3.x anteriores a la 3.1.1 HF5, que permitiría a administradores autenticados causar una denegación de servicio a través de vectores no especificados. • https://support.f5.com/csp/article/K16196 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 136EXPL: 0CVE-2016-1497
https://notcve.org/view.php?id=CVE-2016-1497
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors. La utilidad Configuration en sistemas F5 BIG-IP 11.0.x, 11.1.x, 11.2.x en versiones anteriores a11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 HF2, 1.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF1 permite a administradores remotos leer registros de acceso Access Policy Manager (APM) a través de vectores no especificados. • http://www.securityfocus.com/bid/92671 http://www.securitytracker.com/id/1036631 https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •