CVE-2016-9589

moderate-risk

Published 2018-03-12

Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection.

Do I need to act?

2.2% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (2)

Jboss Wildfly Application Server

Affected Vendors

Redhat

References (26)

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0830.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0831.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0832.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0834.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0876.html

Third Party Advisory http://www.securityfocus.com/bid/97060

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:0872

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:0873

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:3454

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:3455

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:3456

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:3458

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1404782

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0830.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0831.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0832.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0834.html

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2017-0876.html

Third Party Advisory http://www.securityfocus.com/bid/97060

Vendor Advisory https://access.redhat.com/errata/RHSA-2017:0872

and 6 more references

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 5/34 · Minimal

Exposure 7/34 · Low