CVE-2023-47124

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Dec 4, 2023
Updated: Dec 7, 2023
CWE ID 772

Summary

CVE-2023-47124 affects Traefik, an open-source HTTP reverse proxy and load balancer. The vulnerability lies in the `HTTPChallenge` feature used to obtain and renew Let's Encrypt TLS certificates. Because the challenge handler allows a 50-second window for a request to complete, an attacker can abuse that window by holding many connections open, a prolonged-connection attack known as "slowloris." This can lead to a denial-of-service condition. To mitigate this risk, users are advised to upgrade to Traefik version 2.10.6 or 3.0.0-beta5. As an alternative, users unable to upgrade can switch to the `TLSChallenge` or `DNSChallenge` methods.
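The workaround the summary recommends, expressed as a Traefik v2 static configuration (`traefik.yml`), is added here as an example; it is not taken from this page or from the Traefik project. The resolver name `letsencrypt`, the entry point names `web` and `websecure`, the e-mail address and the storage path are assumed placeholders. The `certificatesResolvers`, `acme`, `httpChallenge`, `tlsChallenge` and `dnsChallenge` keys are Traefik's own configuration keys.

```yaml
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

certificatesResolvers:
  letsencrypt:
    acme:
      email: "admin@example.invalid"   # placeholder
      storage: "/etc/traefik/acme.json"   # placeholder path

      # Affected method (fixed in 2.10.6 / 3.0.0-beta5): the HTTP-01 handler
      # on the plain-HTTP entry point keeps a connection open for up to
      # 50 seconds, which is the window the slowloris-style DoS abuses.
      # Remove or comment out this block when switching methods.
      # httpChallenge:
      #   entryPoint: web

      # Workaround 1: TLS-ALPN-01 on the TLS entry point.
      # Requires port 443 to be reachable from the internet on this host.
      tlsChallenge: {}

      # Workaround 2 (use instead of tlsChallenge, not together):
      # DNS-01 via the provider's API. Credentials are supplied as
      # environment variables whose names depend on the chosen provider;
      # "cloudflare" below is an assumed example value.
      # dnsChallenge:
      #   provider: cloudflare
```

Only one challenge type should be active per resolver. The DNS-01 variant is the one to reach for when port 443 cannot be exposed to the internet (for example on internal hosts), and either variant removes the vulnerable HTTP-01 handler from the public entry point; upgrading to a fixed release remains the primary fix.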
