CVE-2024-9823
CVSS 3.1 Score 5.3 of 10 (medium)
Attack Complexity low
Availability low
Confidentiality none
Integrity none
Scope unchanged
Privileges Required none
Details
Published Oct 14, 2024
Updated: Mar 7, 2025
CWE ID 400
Summary
CVE-2024-9823 is a newly disclosed cybersecurity vulnerability affecting Jetty's DosFilter. Unauthorized users can exploit this issue to launch remote Denial-of-Service (DoS) attacks against servers. By sending crafted requests, attackers can induce OutofMemory errors in the DosFilter, leading to server memory exhaustion, ultimately causing the server to become unresponsive. This vulnerability poses a significant threat to systems running Jetty and requires immediate patching to mitigate potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Jetty
Affected Vendors
- Eclipse