Apache Tomcat Remediation for CVE-2023-44487 - HTTP/2 Rapid Reset Attack

Apache Tomcat Remediation for CVE-2023-44487 - HTTP/2 Rapid Reset Attack

book

Article ID: KB0071000

calendar_today

Updated On:

Products

ibi WebFOCUS

Description

CVE-2023-44487 has recently been announced by the National Institute of

Standards and Technology (NIST). Customers are encouraged to follow remediation
steps outlined by the CVE-2023-44487 Detail article located at
https://nvd.nist.gov/vuln/detail/CVE-2023-44487.

WebFOCUS customers using Apache Tomcat should review the corresponding Tomcat vulnerabilities pages listed below and follow the remediation recommendations from Apache.  

Issue/Introduction

This article addresses CVE-2023-44487 and information to remediate Apache Tomcat

Environment

All

Resolution

Apache Tomcat Website
Fixed in Apache Tomcat 8.5.94
Fixed in Apache Tomcat 9.0.81
Fixed in Apache Tomcat 10.1.14