Vulnerability Bulletins

HTTP/2 Rapid Reset Attack Affecting Cisco Products: October 2023

System information

Affected software Cisco


On October 10, 2023, the following HTTP/2 protocol-level weakness, which enables a novel distributed denial of service (DDoS) attack technique, was disclosed: CVE-2023-44487: HTTP/2 Rapid Reset For a description of this vulnerability, see the following publications: How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack (Google) HTTP/2 Zero-Day vulnerability results in record-breaking DDoS attacks (Cloudflare) CVE-2023-44487 - HTTP/2 Rapid Reset Attack (AWS) This advisory will

More info:

Standar resources

Property Value
CVE CVE-2023-44487.

Version history

Version Comments Date
Ministerio de Defensa