all InfoSec news
CVE-2023-44487 - HTTP/2 Rapid Reset Attack
Latest Bulletins aws.amazon.com
Publication Date: 2023/10/10 05:00 AM PDT
AWS is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. AWS infrastructure is designed with various protections to address Layer 7 request floods, however, we have implemented additional mitigations to address this issue. AWS also recommends customers who operate their own HTTP/2 capable web servers verify with …
2 rapid reset address attack aware aws cve cve-2023-44487 denial of service http infrastructure rapid rapid reset rapid reset attack reset result servers service stream web web servers