CVE-2023-3223
Undertow: outofmemoryerror due to @multipartconfig handling
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.
Se encontró una falla en el undertow. Los servlets anotados con @MultipartConfig pueden causar un OutOfMemoryError debido a un gran contenido multiparte. Esto puede permitir que usuarios no autorizados provoquen un ataque remoto de denegación de servicio (DoS). Si el servidor usa fileSizeThreshold para limitar el tamaño del archivo, es posible evitar el límite estableciendo el nombre del archivo en la solicitud en nulo.
Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.6.5 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include a denial of service vulnerability.
*Credits:
Red Hat would like to thank Keke Lian & Haoran Zhao (SecSys Lab) for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-06-13 CVE Reserved
- 2023-08-08 CVE Published
- 2024-08-02 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-789: Memory Allocation with Excessive Size Value
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20231027-0004 |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2023:4505 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4506 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4507 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4509 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4918 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4919 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4920 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4921 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:4924 | 2024-05-03 | |
| https://access.redhat.com/errata/RHSA-2023:7247 | 2024-05-03 | |
| https://access.redhat.com/security/cve/CVE-2023-3223 | 2024-05-03 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2209689 | 2024-05-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.11 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.11" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.12 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.12" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform For Ibm Linuxone Search vendor "Redhat" for product "Openshift Container Platform For Ibm Linuxone" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform For Ibm Linuxone" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform For Ibm Linuxone Search vendor "Redhat" for product "Openshift Container Platform For Ibm Linuxone" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform For Ibm Linuxone" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform For Power Search vendor "Redhat" for product "Openshift Container Platform For Power" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform For Power" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform For Power Search vendor "Redhat" for product "Openshift Container Platform For Power" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform For Power" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | 7.6 Search vendor "Redhat" for product "Single Sign-on" and version "7.6" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | 7.6 Search vendor "Redhat" for product "Single Sign-on" and version "7.6" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | 7.6 Search vendor "Redhat" for product "Single Sign-on" and version "7.6" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform" | 7.4 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "7.4" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform" | 7.4 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "7.4" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform" | 7.4 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "7.4" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Undertow Search vendor "Redhat" for product "Undertow" | < 2.2.24 Search vendor "Redhat" for product "Undertow" and version " < 2.2.24" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Jboss Enterprise Application Platform Text-only Advisories Search vendor "Redhat" for product "Jboss Enterprise Application Platform Text-only Advisories" | - | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | - | text-only |
Affected
| ||||||