RHSA-2023%3A7587
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 |
| Red Hat | ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:72999c6bcd08c26d15813fa4a813749f1349cafeb7d155ecf262e6cbdf6a0b33_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:331ca81863339a0b8d52f127e860209ac3be2cf05fb4d26f3162eb3ee81f605c_amd64 |
| Red Hat | ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-smartrouter-rhel8@sha256:90dae7252e3c285e1b1d318dd0831f851a7be4608b8f8b82384c7236049b6442_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 |
| Red Hat | ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64 |
| Red Hat | ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-businesscentral-rhel8@sha256:bdb79faae81c9624759b0b7acb9825004e377ac5186fefa4be3393c21f41a869_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:db94353ed91569bacb79c0f434deff478e01469671ef3af6804940cef31c7492_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:b212e8d2ee392c732960889369d51c885f5eabd9f76a586189e75d8e54fa12ed_amd64 |
| Red Hat | ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-rhel8-operator@sha256:76a66069057cc21cc1476e0b20defaf78178343c8c16de5b5af7c5d3be846474_amd64 |
| Red Hat | ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:f0efba2fc020c17063ade1ab8860c1f63a6bba74228587ad6c0582001249e6cc_amd64 |
| Red Hat | ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 |
| Red Hat | ibm-bamoe/bamoe-controller-rhel8@sha256:4257937e0e3fe3c0dc7b150fb111738c3bf8416781fe15f7245a0b2f9dc604c9_amd64 as a component of Middleware Containers for OpenShift | * |
| Red Hat | ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:1a3a50a1af4d78bc70a9c11a42f059bd372454ce84913c3b78021180ec4d0bdf_ppc64le |
| Red Hat | ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-process-migration-rhel8@sha256:fdfeda38dd932c4aa9f63b4f5e758b823eb079c90f068a482f92c4aa8e880664_amd64 |
| Red Hat | ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:53a848ec0126dd74180697bd76d83f02151ce08dcb1ddda59a4b2ebdcae44047_ppc64le |
| Red Hat | ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:1f2f53c48f1d8e997b0a8ec314405ac90126e710cc2f25d4362c250499cc927b_ppc64le |
| Red Hat | ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:db4267235a69729c0cdc7a8af7d84afeeea6b1cda81e2c9411d5307f11c45bde_amd64 |
| Red Hat | ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 as a component of Middleware Containers for OpenShift | ibm-bamoe/bamoe-kieserver-rhel8@sha256:a02e0a493f8651a31614dc30a3e803df08c9563e9f5da21a9710a7d010dfca2f_amd64 |
…and 16 more
Timeline
- Nov 29, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:7587 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803 issue
- https://issues.redhat.com/browse/RHPAM-4816 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7587.json advisory
- https://access.redhat.com/security/cve/CVE-2023-44487 advisory
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-44487 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-44487 advisory
- https://github.com/dotnet/announcements/issues/277 advisory
- https://pkg.go.dev/vuln/GO-2023-2102 advisory
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 advisory
- https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog exploit