CVE-2024-2758
Published: 2024-04-03
Priority: P3 · 52 · Medium 6.3 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:L / I:L / A:L
EPSS: 72.75% (99.4th percentile)
Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tempesta | tempesta_fw | 0.7.0 – 0.7.0 | — |
Detection & IOCs (extracted from sources)
- HTTP/2 CONTINUATION frames can be sent in a flood pattern to conduct DoS attacks against Tempesta FW when rate limits are not configured.
- Tempesta FW rate limits are disabled by default, leaving the server exposed to empty CONTINUATION frame floods; monitor for high volumes of empty HTTP/2 CONTINUATION frames.
- Tempesta FW rate limits are off by default; without explicit configuration they will not mitigate empty CONTINUATION frame DoS attacks.
- Tempesta FW is not shipped in any Red Hat product, so Red Hat-based environments are not directly affected.
CVSS provenance
- NVD (v3.1): 6.3 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- vendor_redhat: 6.3 MEDIUM
Red Hat
FW: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
vendor_redhat · 2024-04-03 · CVSS 6.3
Statement: Tempesta FW is an all-in-one open-source solution for high performance web content delivery and advanced protection against DDoS and web attacks. It is not shipped in any Red Hat product.
GHSA
GHSA-5x2g-c9gv-xwq2: Tempesta FW rate limits are not enabled by default
ghsa_unreviewed · 2024-04-03
No detection rules found.
No public exploits indexed.
References
- http://www.openwall.com/lists/oss-security/2024/04/03/16
- https://github.com/tempesta-tech/tempesta/security/advisories/GHSA-3xwj-5ch3-q9p4
- https://www.kb.cert.org/vuls/id/421644