CVE-2023-24998
Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.
While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-02-01 CVE Reserved
- 2023-02-20 CVE Published
- 2023-03-29 First Exploit
- 2024-08-02 CVE Updated
- 2024-10-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2023/05/22/1 | Mailing List | |
https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html | Third Party Advisory | |
https://security.gentoo.org/glsa/202305-37 | Third Party Advisory | |
https://www.debian.org/security/2023/dsa-5522 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://github.com/nice1st/CVE-2023-24998 | 2023-03-29 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy | 2024-02-16 | |
https://access.redhat.com/security/cve/CVE-2023-24998 | 2023-11-14 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2172298 | 2023-11-14 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Commons Fileupload Search vendor "Apache" for product "Commons Fileupload" | >= 1.0 < 1.5 Search vendor "Apache" for product "Commons Fileupload" and version " >= 1.0 < 1.5" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Commons Fileupload Search vendor "Apache" for product "Commons Fileupload" | 1.0 Search vendor "Apache" for product "Commons Fileupload" and version "1.0" | beta |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
|