Vulnerabilities > CVE-2023-3223 - Unspecified vulnerability in Redhat products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

NVD

Published: 2023-09-27

Updated: 2024-05-03

Summary

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Undertow - Redhat Undertow 1.0.0 Redhat Undertow 1.0.1 Redhat Undertow 1.0.2 Redhat Undertow 1.0.3 Redhat Undertow 1.0.4 Redhat Undertow 1.0.5 Redhat Undertow 1.0.6 Redhat Undertow 1.0.7 Redhat Undertow 1.0.8 Redhat Undertow 1.0.9 Redhat Undertow 1.0.10 Redhat Undertow 1.0.11 Redhat Undertow 1.0.12 Redhat Undertow 1.0.13 Redhat Undertow 1.0.14 Redhat Undertow 1.0.15 Redhat Undertow 1.0.16 Redhat Undertow 1.0.17 Redhat Undertow 1.0.18 Redhat Undertow 1.0.19 Redhat Undertow 1.1.0 Redhat Undertow 1.1.1 Redhat Undertow 1.1.2 Redhat Undertow 1.1.3 Redhat Undertow 1.1.4 Redhat Undertow 1.1.5 Redhat Undertow 1.1.6 Redhat Undertow 1.1.7 Redhat Undertow 1.1.8 Redhat Undertow 1.1.9 Redhat Undertow 1.2.0 Redhat Undertow 1.2.1 Redhat Undertow 1.2.2 Redhat Undertow 1.2.3 Redhat Undertow 1.2.4 Redhat Undertow 1.2.5 Redhat Undertow 1.2.6 Redhat Undertow 1.2.7 Redhat Undertow 1.2.8 Redhat Undertow 1.2.9 Redhat Undertow 1.2.10 Redhat Undertow 1.2.11 Redhat Undertow 1.2.12 Redhat Undertow 1.3.0 Redhat Undertow 1.3.1 Redhat Undertow 1.3.2 Redhat Undertow 1.3.3 Redhat Undertow 1.3.4 Redhat Undertow 1.3.5 Redhat Undertow 1.3.6 Redhat Undertow 1.3.7 Redhat Undertow 1.3.8 Redhat Undertow 1.3.9 Redhat Undertow 1.3.10 Redhat Undertow 1.3.11 Redhat Undertow 1.3.12 Redhat Undertow 1.3.13 Redhat Undertow 1.3.14 Redhat Undertow 1.3.15 Redhat Undertow 1.3.16 Redhat Undertow 1.3.17 Redhat Undertow 1.3.18 Redhat Undertow 1.3.19 Redhat Undertow 1.3.20 Redhat Undertow 1.3.21 Redhat Undertow 1.3.22 Redhat Undertow 1.3.23 Redhat Undertow 1.3.24 Redhat Undertow 1.3.25 Redhat Undertow 1.3.26 Redhat Undertow 1.3.27 Redhat Undertow 1.3.28 Redhat Undertow 1.3.29 Redhat Undertow 1.3.30 Redhat Undertow 1.3.31 Redhat Undertow 1.3.32 Redhat Undertow 1.3.33 Redhat Undertow 1.4.0 Redhat Undertow 1.4.1 Redhat Undertow 1.4.2 Redhat Undertow 1.4.3 Redhat Undertow 1.4.4 Redhat Undertow 1.4.5 Redhat Undertow 1.4.6 Redhat Undertow 1.4.7 Redhat Undertow 1.4.8 Redhat Undertow 1.4.10 Redhat Undertow 1.4.11 Redhat Undertow 1.4.12 Redhat Undertow 1.4.13 Redhat Undertow 1.4.14 Redhat Undertow 1.4.15 Redhat Undertow 1.4.16 Redhat Undertow 1.4.17 Redhat Undertow 1.4.18 Redhat Undertow 1.4.19 Redhat Undertow 1.4.20 Redhat Undertow 1.4.21 Redhat Undertow 1.4.22 Redhat Undertow 1.4.23 Redhat Undertow 1.4.24 Redhat Undertow 1.4.25 Redhat Undertow 1.4.26 Redhat Undertow 1.4.27 Redhat Undertow 1.4.28 Redhat Undertow 2.0.0 Redhat Undertow 2.0.1 Redhat Undertow 2.0.2 Redhat Undertow 2.0.3 Redhat Undertow 2.0.4 Redhat Undertow 2.0.5 Redhat Undertow 2.0.6 Redhat Undertow 2.0.7 Redhat Undertow 2.0.8 Redhat Undertow 2.0.9 Redhat Undertow 2.0.10 Redhat Undertow 2.0.11 Redhat Undertow 2.0.12 Redhat Undertow 2.0.13 Redhat Undertow 2.0.14 Redhat Undertow 2.0.15 Redhat Undertow 2.0.16 Redhat Undertow 2.0.17 Redhat Undertow 2.0.18 Redhat Undertow 2.0.19 Redhat Undertow 2.0.20 Redhat Undertow 2.0.21 Redhat Undertow 2.0.22 Redhat Undertow 2.0.23 Redhat Undertow 2.0.24 Redhat Undertow 2.0.25 Redhat Undertow 2.0.26 Redhat Undertow 2.0.27 Redhat Undertow 2.0.28 Redhat Undertow 2.0.29 Redhat Undertow 2.0.30 Redhat Undertow 2.0.31 Redhat Undertow 2.0.32 Redhat Undertow 2.0.33 Redhat Undertow 2.0.34 Redhat Undertow 2.0.35 Redhat Undertow 2.0.36 Redhat Undertow 2.0.39 Redhat Undertow 2.1.0 Redhat Undertow 2.1.1 Redhat Undertow 2.1.2 Redhat Undertow 2.1.3 Redhat Undertow 2.1.4 Redhat Undertow 2.1.5 Redhat Undertow 2.1.6 Redhat Undertow 2.1.7 Redhat Undertow 2.2.0 Redhat Undertow 2.2.1 Redhat Undertow 2.2.2 Redhat Undertow 2.2.3 Redhat Undertow 2.2.4 Redhat Undertow 2.2.5 Redhat Undertow 2.2.6 Redhat Undertow 2.2.7 Redhat Undertow 2.2.9 Redhat Undertow 2.2.10 Redhat Undertow 2.2.11 Redhat Undertow 2.2.12 Redhat Undertow 2.2.13 Redhat Undertow 2.2.14 Redhat Undertow 2.2.15 Redhat Undertow 2.2.16 Redhat Undertow 2.2.17 Redhat Undertow 2.2.18 Redhat Undertow 2.2.19 Redhat Openshift Container Platform 4.11 Redhat Openshift Container Platform 4.12 Redhat Openshift Container Platform FOR IBM Linuxone 4.9 Redhat Openshift Container Platform FOR IBM Linuxone 4.10 Redhat Openshift Container Platform FOR Power 4.9 Redhat Openshift Container Platform FOR Power 4.10 Redhat Single Sign ON - Redhat Single Sign ON 7.6 Redhat Jboss Enterprise Application Platform Text Only Advisories - Redhat Jboss Enterprise Application Platform 7.4	299
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 9.0	3

Summary

Vulnerable Configurations

References