CVE-2023-1973
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-1973 is a recently disclosed vulnerability affecting the Undertow package. This issue involves the FormAuthenticationMechanism, which can be exploited by malicious users. By sending specially crafted requests, they can trigger a Denial of Service condition, resulting in an Out-of-Memory error. The server's memory becomes exhausted due to this error, making the system unresponsive. This vulnerability poses a potential risk to applications using the Undertow package and FormAuthenticationMechanism, requiring prompt attention for patching or mitigation measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.