Brief

Summary:

A denial-of-service (DoS) vulnerability in the HTTP/2 protocol, known as Rapid Reset (CVE-2023-44487), has been disclosed. The vulnerability has been exploited in the wild since August 2023 and can be used to mount record-breaking DDoS attacks. The Cybersecurity and Infrastructure Security Agency (CISA) recommends that organizations providing HTTP/2 services apply patches when available and consider configuration changes and other mitigations to reduce the impact of the attack. The vulnerability affects several vendors, including Cloudflare, Google, AWS, and Microsoft. Organizations can take proactive steps to reduce the effects of DoS attacks by following CISA's guidance on understanding and responding to DDoS attacks.

Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in the HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild from August 2023 through October 2023.

CISA recommends that organizations providing HTTP/2 services apply patches when available and consider the configuration changes and other mitigations discussed in the references below. For more information on Rapid Reset, see:

Organizations can take proactive steps to reduce the effects of DoS attacks. See the following guidance for more information:


Summary

The HTTP/2 protocol has been found to be vulnerable to a denial-of-service (DoS) attack, known as Rapid Reset (CVE-2023-44487), which has been exploited in the wild since August 2023. This vulnerability allows attackers to exhaust the HTTP/2 connection pool, resulting in a sustained denial-of-service attack.

The vulnerability affects organizations that provide HTTP/2 services. It can be exploited by opening a large number of HTTP/2 sessions in which many streams are established but few requests are ever completed. This causes the targeted systems to consume excessive resources, leading to a denial-of-service condition.

Several key players in the industry have disclosed information about the vulnerability, including Cloudflare, Google, AWS, and NGINX. Microsoft has also published guidance on responding to DDoS attacks against HTTP/2.

In response to the vulnerability, CISA has recommended that organizations providing HTTP/2 services apply patches when available and consider configuration changes and other mitigations. CISA has also published guidance for understanding and responding to DDoS attacks, as well as additional guidance for federal agencies.

To reduce the effects of DoS attacks, organizations can take proactive steps. These include:

* Applying patches when available to address the Rapid Reset vulnerability
* Implementing configuration changes to mitigate the impact of the attack
* Monitoring systems for signs of attack and responding quickly to potential incidents
* Implementing robust DDoS protection measures, such as those provided by cloud service providers and DDoS mitigation services
* Developing incident response plans to ensure an effective response to DDoS attacks
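The monitoring step above is easiest to act on with a concrete heuristic. Rapid Reset is characterised by a client opening streams and immediately resetting them, so a server or proxy sees a burst of client HEADERS frames closely followed by RST_STREAM frames on the same connection, with almost no requests completing. The script below is an added example written for this brief; it is not CISA's or any vendor's code. It assumes a constructed, hypothetical per-frame event log (`<timestamp> <conn_id> <frame_type> <stream_id>`) and flags any connection whose recent reset-to-open ratio exceeds a threshold. Real servers expose equivalent counters through their own logs or metrics, so only the parsing layer would change in practice.

```python
"""Detection heuristic for HTTP/2 Rapid Reset style abuse.

Added example, not part of the CISA brief. Assumes a constructed per-frame
event log with one line per HTTP/2 frame seen by a server or proxy:
    <timestamp_seconds> <conn_id> <frame_type> <stream_id>
The line format, field names and thresholds are hypothetical.
"""
from collections import defaultdict, deque

# Tunable thresholds (assumptions chosen for this example).
WINDOW_SECONDS = 1.0   # look-back window per connection
MIN_RESETS = 50        # ignore connections that reset fewer streams than this
RESET_RATIO = 0.8      # fraction of opened streams that the client reset


def parse_line(line):
    """Split one constructed log line into (timestamp, conn_id, frame, stream_id)."""
    ts, conn, frame, stream = line.split()
    return float(ts), conn, frame, int(stream)


def flag_rapid_reset(lines, window=WINDOW_SECONDS, min_resets=MIN_RESETS, ratio=RESET_RATIO):
    """Return {conn_id: (opened, reset)} for connections whose HEADERS /
    RST_STREAM pattern inside the look-back window matches Rapid Reset abuse.
    Lines must be time-ordered per connection; interleaving across
    connections does not matter because state is kept per connection."""
    opened = defaultdict(deque)  # conn -> timestamps of client HEADERS frames
    resets = defaultdict(deque)  # conn -> timestamps of client RST_STREAM frames
    flagged = {}
    for line in lines:
        ts, conn, frame, stream = parse_line(line)
        # Only client-initiated streams (odd ids per RFC 9113) matter here.
        if stream % 2 == 0:
            continue
        if frame == "HEADERS":
            opened[conn].append(ts)
        elif frame == "RST_STREAM":
            resets[conn].append(ts)
        else:
            continue
        # Expire events that fell out of the sliding window.
        for q in (opened[conn], resets[conn]):
            while q and ts - q[0] > window:
                q.popleft()
        n_open, n_reset = len(opened[conn]), len(resets[conn])
        if n_reset >= min_resets and n_open and n_reset / n_open >= ratio:
            flagged[conn] = (n_open, n_reset)  # latest counts win
    return flagged


def constructed_log():
    """Build sample frames: one well-behaved connection (A) that issues
    20 requests over 10 s with no resets, and one abusive connection (B)
    that opens 200 streams and resets each within a millisecond."""
    lines = []
    for i in range(20):
        lines.append(f"{i * 0.5:.3f} A HEADERS {2 * i + 1}")
    for i in range(200):
        t = i * 0.001
        lines.append(f"{t:.3f} B HEADERS {2 * i + 1}")
        lines.append(f"{t + 0.0005:.4f} B RST_STREAM {2 * i + 1}")
    return lines


if __name__ == "__main__":
    for conn, (o, r) in flag_rapid_reset(constructed_log()).items():
        print(f"connection {conn}: {o} streams opened, {r} reset within {WINDOW_SECONDS}s")
```

The thresholds are deliberately conservative: a healthy client that cancels a handful of requests (a user navigating away, for instance) never reaches `MIN_RESETS`, while an abusive connection trips the rule within the first fifty reset streams. The output of the rule is best fed to an existing rate limiter or DDoS mitigation layer rather than acted on directly, since a single flagged connection is only meaningful in aggregate.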

It is essential for organizations providing HTTP/2 services to prioritize addressing this vulnerability and take steps to mitigate its impact.

Cybersecurity and Infrastructure Security Agency
