Vulnerabilities > CVE-2023-1108 - Infinite Loop vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
redhat
netapp
CWE-835

Summary

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.

Vulnerable Configurations

Part Description Count
Application
Redhat
310
Application
Netapp
1
OS
Redhat
3

References