CVE-2024-9823

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 14, 2024

Updated: Oct 15, 2024

CWE ID 400

Summary

CVE-2024-9823 is a security vulnerability in Jetty's DosFilter, which can be exploited by unauthorized users to launch a remote denial-of-service (DoS) attack, potentially causing OutOfMemory errors and exhausting server memory. Affected products include various versions of Jetty identified by codes such as zCGUOV, ZB86h1, and i3sSg_. To remediate this vulnerability, it is recommended that organizations apply updates or patches provided by the Jetty project. The vulnerability has a medium severity rating with an exploitability score of 3.9, indicating that it can be exploited with low complexity and without requiring user interaction. If successfully executed, the attack could lead to service disruptions for organizations utilizing affected Jetty products.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database