HTTP/2 Rapid Reset Attack Affecting Cisco Products: October 2023
|
System information
|
| |
|
|
Affected software |
Cisco |
Description
|
On October 10, 2023, the following HTTP/2 protocol-level weakness, which enables a novel distributed denial of service (DDoS) attack technique, was disclosed: CVE-2023-44487: HTTP/2 Rapid Reset For a description of this vulnerability, see the following publications: How it works: The novel HTTP/2 Rapid Reset DDoS attack (Google) HTTP/2 Zero-Day vulnerability results in record-breaking DDoS attacks (Cloudflare) CVE-2023-44487 - HTTP/2 Rapid Reset Attack (AWS) This advisory is available at
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=HTTP/2%20Rapid%20Reset%20Attack%20Affecting%20Cisco%20Products:%20October%202023&vs_k=1 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2023-44487. |
