Apache Tomcat Remediation for CVE-2023-44487 - HTTP/2 Rapid Reset Attack

Apache Tomcat Remediation for CVE-2023-44487 - HTTP/2 Rapid Reset Attack

book

Article ID: KB0071000

calendar_today

Updated On:

Products Versions
ibi WebFOCUS All

Description

CVE-2023-44487 has recently been announced by the National Institute of

Standards and Technology (NIST). Customers are encouraged to follow remediation
steps outlined by the CVE-2023-44487 Detail article located at
https://nvd.nist.gov/vuln/detail/CVE-2023-44487.

WebFOCUS customers using Apache Tomcat should review the corresponding Tomcat vulnerabilities pages listed below and follow the remediation recommendations from Apache.  

Environment

All

Resolution

Apache Tomcat Website
Fixed in Apache Tomcat 8.5.94
Fixed in Apache Tomcat 9.0.81
Fixed in Apache Tomcat 10.1.14

Issue/Introduction

This article addresses CVE-2023-44487 and information to remediate Apache Tomcat
Powered by Wolken Software