HTTP2.Continuation.Frame.Flood.DoS
Description
This indicates an attack attempt to exploit a DoS vulnerability in a HTTP2 Server.
The vulnerability is due to an error in the vulnerable application when handling maliciously crafted HTTP2 Continuation frames. Successful exploitation could potentially allow denial of service to be performed.
Affected Products
Node.js prior to 18.20
Node.js prior to 20.12
Node.js prior to 21.7.1
Envoy 1.29.x prior to 1.29.3
Envoy 1.28.x prior to 1.28.2
Envoy 1.27.x prior to 1.27.4
Envoy 1.26.x prior to 1.26.8
Tempesta prior to 0.7.1
AMPHP prior to 4.1.0-rc1
Go net/http prior to go1.21.9
Go net/http go1.22.0-0 prior to go1.22.2
Go golang.org/x/net/http2 prior to before v0.23.0
nghttp2 prior to 1.61.0
Apache HTTP Server prior to 2.4.58
Apache Traffic Server 8.0.0 prior to 8.1.9
Apache Traffic Server 9.0.0 prior to 9.2.3
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-05-01 | 27.778 | Sig Added |
2024-04-29 | 27.776 | Default_action:pass:drop |
2024-04-17 | 27.770 |