CVE-2023-44487 - HTTP/2 Rapid Reset Attack
|
System information
|
|
|
Affected software |
AmazonWS |
Description
|
Publication Date: 2023/10/10 05:00 AM PDT AWS is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. AWS infrastructure is designed with various protections to address Layer 7 request floods, we have implemented additional mitigations to address this issue. AWS also recommends customers who operate their own HTTP/2
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ |
Standar resources
|
Property |
Value |
CVE |
CVE-2023-44487. |