A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
History
03 May 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 Nov 2023, 00:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://security.netapp.com/advisory/ntap-20231020-0002/ - Third Party Advisory | |
First Time |
Netapp
Netapp oncommand Workflow Automation |
|
CPE | cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* |
20 Oct 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Sep 2023, 20:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-835 | |
First Time |
Redhat integration Camel K
Redhat openshift Container Platform Redhat openshift Container Platform For Linuxone Redhat decision Manager Redhat jboss Enterprise Application Platform Redhat openshift Application Runtimes Redhat process Automation Redhat Redhat enterprise Linux Redhat jboss Enterprise Application Platform Expansion Pack Redhat build Of Quarkus Redhat integration Service Registry Redhat single Sign-on Redhat undertow Redhat openstack Platform Redhat fuse Redhat openshift Container Platform For Power |
|
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1513 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3883 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1512 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1516 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1185 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3888 - Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2174246 - Issue Tracking | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-1108 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1514 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3884 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:1184 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3954 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3892 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:4612 - Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:3885 - Vendor Advisory | |
CPE | cpe:2.3:a:redhat:fuse:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:* cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:* |
14 Sep 2023, 18:32
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-14 15:15
Updated : 2024-05-03 16:15
NVD link : CVE-2023-1108
Mitre link : CVE-2023-1108
CVE.ORG link : CVE-2023-1108
JSON object : View
Products Affected
redhat
- decision_manager
- openstack_platform
- process_automation
- enterprise_linux
- openshift_container_platform_for_linuxone
- integration_camel_k
- jboss_enterprise_application_platform_expansion_pack
- undertow
- jboss_enterprise_application_platform
- integration_service_registry
- openshift_application_runtimes
- openshift_container_platform_for_power
- build_of_quarkus
- openshift_container_platform
- fuse
- single_sign-on
netapp
- oncommand_workflow_automation
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')