HTTP/2协议拒绝服务漏洞 (CVE-2023-44487) 安全风险通告
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | bc4bf1ac-cb11-4f36-83e8-9504b85a1046 |
| Fingerprint | 9beb425ae6467fc0 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 11, 2023, midnight |
| Added to db | Dec. 20, 2024, 8:13 p.m. |
| Last updated | Dec. 22, 2024, 10:29 p.m. |
| Headline | HTTP/2协议拒绝服务漏洞 (CVE-2023-44487) 安全风险通告 |
| Title | HTTP/2协议拒绝服务漏洞 (CVE-2023-44487) 安全风险通告 |
| Detected Hints/Tags/Attributes | 6/1/34 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.secrss.com/articles/59552 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 69 | cve-2023-44487 |
|
| Details | Domain | 2 | 100.final |
|
| Details | Domain | 4692 | github.com |
|
| Details | Domain | 20 | tomcat.apache.org |
|
| Details | Domain | 84 | aws.amazon.com |
|
| Details | Domain | 60 | blog.cloudflare.com |
|
| Details | Domain | 6752 | 163.com |
|
| Details | File | 1 | security-11.html |
|
| Details | File | 4 | security-10.html |
|
| Details | File | 3 | security-9.html |
|
| Details | File | 3 | security-8.html |
|
| Details | Github username | 2 | bcdannyboy |
|
| Details | Github username | 4 | netty |
|
| Details | Github username | 7 | golang |
|
| Details | Github username | 4 | grpc |
|
| Details | Github username | 5 | eclipse |
|
| Details | Github username | 2 | nghttp2 |
|
| Details | Github username | 54 | apache |
|
| Details | Url | 2 | https://github.com/bcdannyboy/cve-2023-44487 |
|
| Details | Url | 1 | https://github.com/netty/netty/releases/tag/netty-4.1.100.final |
|
| Details | Url | 1 | https://github.com/golang/go/tags |
|
| Details | Url | 1 | https://tomcat.apache.org/security-11.html#fixed_in_apache_tomcat_11.0.0 |
|
| Details | Url | 2 | https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14 |
|
| Details | Url | 1 | https://tomcat.apache.org/security-9.html#fixed_in_apache_tomcat_9.0.81 |
|
| Details | Url | 1 | https://tomcat.apache.org/security-8.html#fixed_in_apache_tomcat_8.5.94 |
|
| Details | Url | 1 | https://github.com/grpc/grpc-go/releases |
|
| Details | Url | 1 | https://github.com/eclipse/jetty.project/releases |
|
| Details | Url | 1 | https://github.com/nghttp2/nghttp2/releases |
|
| Details | Url | 1 | https://github.com/apache/trafficserver/tags |
|
| Details | Url | 2 | https://aws.amazon.com/security/security-bulletins/aws-2023-011 |
|
| Details | Url | 4 | https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack |
|
| Details | Url | 4 | https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack |
|
| Details | Url | 3 | https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps |
|
| Details | Url | 3 | https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack |