
CVE-2023-3223 — A flaw was found in Undertow

A flaw was found in Undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause a remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it is possible to bypass the limit by setting the file name in the request to null.

CVSS: 7.5 HIGH
EPSS: 88.00% (top 24.90%)
CWE: CWE-789
Published: 2023-09-27T13:54:44.682Z
Last modified: 2024-08-02T06:48:07.955Z
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

01 What is this vulnerability?

A flaw was found in Undertow. Servlets annotated with @MultipartConfig can be driven into an OutOfMemoryError by large multipart content, which lets an unauthenticated remote client cause a denial of service. If the server relies on fileSizeThreshold to bound the size of uploaded parts, the limit can be bypassed by sending a part whose file name is null (a Content-Disposition with no filename parameter): such a part is handled as a form field rather than as a file, so the threshold that would have spilled a file part to disk does not apply and the whole part is buffered on the heap. Note that fileSizeThreshold is, by the Servlet specification, the size after which a part is written to disk, not a maximum size; the maximum-size controls are maxFileSize and maxRequestSize.
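The following is an added illustration, not code from the advisory or from Undertow itself. It models the behaviour described above in a small multipart/form-data walker: vulnerable_budget() applies the threshold only to parts that carry a filename (the pre-fix behaviour as the advisory describes it), so a large part without a filename is buffered in memory in full; hardened_budget() applies a per-part cap and a whole-request cap to every part regardless of filename, which is the role of maxFileSize and maxRequestSize. filenameless_oversize_parts() is the same walk used as a pre-filter check, which is also the most direct detection for this bug shape (section 06). The boundary string, part names and sample body are all constructed here and are not from a real capture.

```python
import re
from dataclasses import dataclass
from typing import Iterator, List, Optional, Tuple

BOUNDARY = b"----sara-example-boundary"   # constructed sample boundary, not from a real capture


def build_multipart(parts: List[Tuple[str, Optional[str], bytes]]) -> bytes:
    """Assemble a multipart/form-data body from (name, filename-or-None, payload)."""
    out = []
    for name, filename, payload in parts:
        disposition = f'form-data; name="{name}"'
        if filename is not None:
            disposition += f'; filename="{filename}"'
        out.append(b"--" + BOUNDARY + b"\r\n"
                   + b"Content-Disposition: " + disposition.encode() + b"\r\n\r\n"
                   + payload + b"\r\n")
    out.append(b"--" + BOUNDARY + b"--\r\n")
    return b"".join(out)


def iter_parts(body: bytes) -> Iterator[Tuple[str, Optional[str], bytes]]:
    """Yield (name, filename-or-None, payload) for each part. A part with no
    filename parameter is what the advisory calls a 'null' file name."""
    for chunk in body.split(b"--" + BOUNDARY)[1:]:
        if chunk.startswith(b"--"):                 # closing delimiter
            break
        headers, _, payload = chunk.partition(b"\r\n\r\n")
        name_m = re.search(rb'; name="([^"]*)"', headers)
        file_m = re.search(rb'; filename="([^"]*)"', headers)
        payload = payload[:-2] if payload.endswith(b"\r\n") else payload
        yield (name_m.group(1).decode() if name_m else "",
               file_m.group(1).decode() if file_m else None,
               payload)


@dataclass
class Budget:
    in_memory_bytes: int = 0     # bytes the parser keeps on the heap
    on_disk_bytes: int = 0       # bytes spilled to a temp file
    rejected: Optional[str] = None


def vulnerable_budget(body: bytes, file_size_threshold: int) -> Budget:
    """Pre-fix behaviour as the advisory describes it: the threshold only
    moves parts *with a filename* to disk; a part without one is buffered
    in memory no matter how large it is."""
    b = Budget()
    for _, filename, payload in iter_parts(body):
        if filename is not None and len(payload) > file_size_threshold:
            b.on_disk_bytes += len(payload)
        else:
            b.in_memory_bytes += len(payload)
    return b


def hardened_budget(body: bytes, file_size_threshold: int,
                    max_file_size: int, max_request_size: int) -> Budget:
    """Caps applied to every part regardless of filename (the role of
    maxFileSize / maxRequestSize), and spill-to-disk applied to every
    oversized part, so no single part can grow the heap past the threshold."""
    b = Budget()
    total = 0
    for name, _, payload in iter_parts(body):
        size = len(payload)
        total += size
        if size > max_file_size:
            b.rejected = f"part {name!r} exceeds maxFileSize ({size} > {max_file_size})"
            return b
        if total > max_request_size:
            b.rejected = f"request exceeds maxRequestSize ({total} > {max_request_size})"
            return b
        if size > file_size_threshold:
            b.on_disk_bytes += size
        else:
            b.in_memory_bytes += size
    return b


def filenameless_oversize_parts(body: bytes, file_size_threshold: int) -> List[str]:
    """Detection helper: names of parts that carry no filename yet exceed the
    threshold, i.e. exactly the shape that bypassed fileSizeThreshold."""
    return [name for name, filename, payload in iter_parts(body)
            if filename is None and len(payload) > file_size_threshold]


# Constructed sample request: one ordinary field, one file part above the
# threshold, and one 2 MB part that deliberately omits the filename.
SAMPLE_PARTS = [
    ("comment", None, b"hello"),
    ("upload", "report.pdf", b"B" * 100_000),
    ("blob", None, b"A" * 2_000_000),
]
SAMPLE_BODY = build_multipart(SAMPLE_PARTS)
THRESHOLD = 64 * 1024                      # assumed fileSizeThreshold of the servlet

if __name__ == "__main__":
    print("pre-fix  :", vulnerable_budget(SAMPLE_BODY, THRESHOLD))
    print("hardened :", hardened_budget(SAMPLE_BODY, THRESHOLD, 1_000_000, 5_000_000))
    print("flagged  :", filenameless_oversize_parts(SAMPLE_BODY, THRESHOLD))
```

Run stand-alone, the pre-fix model reports the 2 MB filename-less part as heap-resident while the 100 KB file part went to disk; the hardened model rejects the same body at the per-part cap before any of it is buffered, and the detection helper names the offending part. The walker splits on the boundary for clarity and is not a general-purpose multipart parser.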

02 Affected products

Vendor | Product | Version (package build named in the record, or unspecified)
Red Hat | Red Hat Fuse 7.12.1 | unspecified
Red Hat | Red Hat JBoss Enterprise Application Platform 7.1.0 | unspecified
Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | 0:2.2.25-3.SP3_redhat_00001.1.el8eap
Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 | 0:2.2.25-3.SP3_redhat_00001.1.el9eap
Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | 0:2.2.25-3.SP3_redhat_00001.1.el7eap
Red Hat | Red Hat Single SignOn 7.6.5 | unspecified
Red Hat | Red Hat Single SignOn 7.6 for RHEL 7 | 0:18.0.9-1.redhat_00001.1.el7sso
Red Hat | Red Hat Single SignOn 7.6 for RHEL 8 | 0:18.0.9-1.redhat_00001.1.el8sso
Red Hat | Red Hat Single SignOn 7.6 for RHEL 9 | 0:18.0.9-1.redhat_00001.1.el9sso
Red Hat | RHEL8 based Middleware Containers | 7.6-27
Red Hat | Red Hat build of Quarkus | unspecified
Red Hat | Red Hat Data Grid 8 | unspecified
Red Hat | Red Hat Decision Manager 7 | unspecified
Red Hat | Red Hat Integration Camel K | unspecified
Red Hat | Red Hat Integration Service Registry | unspecified
Red Hat | Red Hat JBoss Data Grid 7 | unspecified
Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | unspecified
Red Hat | Red Hat JBoss Fuse 6 | unspecified
Red Hat | Red Hat OpenStack Platform 13 (Queens) Operational Tools | unspecified
Red Hat | Red Hat Process Automation 7 | unspecified
Red Hat | Red Hat support for Spring Boot | unspecified

03 Active exploitation status

Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.

04 Recommended remediation

Update to a build that carries the fix: for the Red Hat products in section 02 that list a package build (for example the undertow 2.2.25-3.SP3 builds for EAP 7.4 and the 18.0.9 builds for Single SignOn 7.6), deploy that build or later; for the products marked unspecified, follow the vendor advisory in section 09.

Independently of the patch, do not use fileSizeThreshold as a size limit. It only decides when a part is written to disk. Bound the input explicitly: set maxFileSize and maxRequestSize on @MultipartConfig (or MultipartConfigElement), and cap the request body at the listener (UndertowOptions.MAX_ENTITY_SIZE in embedded Undertow, the max-post-size attribute of the http-listener in WildFly and EAP). Those caps apply to every part whether or not it names a file, so they hold even where the threshold does not.

05 Technical details

For the vendor write-up and the upstream fix, see the references in section 09.

06 Detection signatures

The KB record carries no vendor-published signature. The observable on the server side is a multipart POST to an endpoint backed by a @MultipartConfig servlet followed by an OutOfMemoryError in the application server log (or a JVM heap exhaustion event), with the request body size well above what the endpoint legitimately accepts. At a reverse proxy or WAF that can parse the body, the specific shape to flag is a part whose Content-Disposition carries no filename parameter yet exceeds the configured threshold.

07 Related CVEs

No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.

08 Timeline

2023-09-27: CVE record published.
2024-08-02: CVE record last modified.

09 References
