Vulnerability Bulletins

CVE-2023-44487 - HTTP/2 Rapid Reset Attack

System information

Affected software AmazonWS


Publication Date: 2023/10/10 05:00 AM PDT AWS is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. AWS infrastructure is designed with various protections to address Layer 7 request floods, however, we have implemented additional mitigations to address this issue. AWS also recommends customers who operate their

More info:

Standar resources

Property Value
CVE CVE-2023-44487.

Version history

Version Comments Date
Ministerio de Defensa