NVD Vulnerability Detail

CVE-2023-44487

Summary	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Publication Date	Oct. 10, 2023, 11:15 p.m.
Registration Date	Oct. 11, 2023, 10:01 a.m.
Last Update	March 8, 2025, 4:15 a.m.

CVSS3.1 : HIGH
スコア	7.5
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:ietf:http:2.0:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:nghttp2:nghttp2::::::::					1.57.0

Configuration3		or higher	or less	more than	less than
cpe:2.3:a:netty:netty::::::::					4.1.100

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:envoyproxy:envoy:1.27.0:::::::*
cpe:2.3:a:envoyproxy:envoy:1.26.4:::::::*
cpe:2.3:a:envoyproxy:envoy:1.25.9:::::::*
cpe:2.3:a:envoyproxy:envoy:1.24.10:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:eclipse:jetty::::::::	12.0.0			12.0.2
cpe:2.3:a:eclipse:jetty::::::::	11.0.0			11.0.17
cpe:2.3:a:eclipse:jetty::::::::	10.0.0			10.0.17
cpe:2.3:a:eclipse:jetty::::::::				9.4.53

Configuration6		or higher	or less	more than	less than
cpe:2.3:a:caddyserver:caddy::::::::					2.7.5

Configuration7	or higher	or less	more than	less than
cpe:2.3:a:golang:http2::::::go::*				0.17.0
cpe:2.3:a:golang:go::::::::	1.21.0			1.21.3
cpe:2.3:a:golang:go::::::::				1.20.10
cpe:2.3:a:golang:networking::::::go::*				0.17.0

Configuration8	or higher	or less	more than	less than
cpe:2.3:a:f5:big-ip_analytics::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_link_controller::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_websafe::::::::	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_analytics::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_link_controller::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_analytics:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_link_controller:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_websafe:17.1.0:::::::*
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_websafe::::::::	14.1.0	14.1.5
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_analytics::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_analytics::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_carrier-grade_nat::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_link_controller::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_link_controller::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_ssl_orchestrator::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:big-ip_websafe::::::::	15.1.0	15.1.10
cpe:2.3:a:f5:big-ip_websafe::::::::	16.1.0	16.1.4
cpe:2.3:a:f5:nginx_plus:r30:-::::::
cpe:2.3:a:f5:nginx_plus::::::::	r25			r29
cpe:2.3:a:f5:nginx_plus:r29:-::::::
cpe:2.3:a:f5:big-ip_next:20.0.1:::::::*
cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes::::::::	1.5.0	1.8.2
cpe:2.3:a:f5:nginx::::::::	1.9.5	1.25.2
cpe:2.3:a:f5:nginx_ingress_controller::::::::	2.0.0	2.4.2
cpe:2.3:a:f5:nginx_ingress_controller::::::::	3.0.0	3.3.0

Configuration9	or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:11.0.0:milestone1::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone2::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone4::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone3::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone5::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone7::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone8::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone9::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone10::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone6::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone11::::::
cpe:2.3:a:apache:tomcat::::::::	9.0.0	9.0.80
cpe:2.3:a:apache:tomcat::::::::	8.5.0	8.5.93
cpe:2.3:a:apache:tomcat::::::::	10.1.0	10.1.13

Configuration10		or higher	or less	more than	less than
cpe:2.3:a:apple:swiftnio_http\/2::::::swift::*					1.28.0

Configuration11	or higher	or less	more than	less than
cpe:2.3:a:grpc:grpc:1.57.0:-::::go::*
cpe:2.3:a:grpc:grpc::::::go::*	1.58.0			1.58.3
cpe:2.3:a:grpc:grpc::::::go::*				1.56.3
cpe:2.3:a:grpc:grpc::::::-::*		1.59.2

Configuration12	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_server_2016:-:::::::*
cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
cpe:2.3:o:microsoft:windows_server_2022:-:::::::*
cpe:2.3:o:microsoft:windows_10_22h2::::::::				10.0.19045.3570
cpe:2.3:o:microsoft:windows_10_1809::::::::				10.0.17763.4974
cpe:2.3:o:microsoft:windows_11_21h2::::::::				10.0.22000.2538
cpe:2.3:o:microsoft:windows_11_22h2::::::::				10.0.22621.2428
cpe:2.3:o:microsoft:windows_10_1607:::::::x86:*				10.0.14393.6351
cpe:2.3:o:microsoft:windows_10_1607:::::::x64:*				10.0.14393.6351
cpe:2.3:a:microsoft:.net::::::::	7.0.0			7.0.12
cpe:2.3:o:microsoft:windows_10_21h2::::::::				10.0.19044.3570
cpe:2.3:a:microsoft:visual_studio_2022::::::::	17.7			17.7.5
cpe:2.3:a:microsoft:visual_studio_2022::::::::	17.6			17.6.8
cpe:2.3:a:microsoft:visual_studio_2022::::::::	17.4			17.4.12
cpe:2.3:a:microsoft:visual_studio_2022::::::::	17.0			17.2.20
cpe:2.3:a:microsoft:asp.net_core::::::::	6.0.0			6.0.23
cpe:2.3:a:microsoft:asp.net_core::::::::	7.0.0			7.0.12
cpe:2.3:a:microsoft:.net::::::::	6.0.0			6.0.23
cpe:2.3:a:microsoft:azure_kubernetes_service::::::::				2023-10-08

Configuration13	or higher	or less	more than	less than
cpe:2.3:a:nodejs:node.js:::::lts:::*	18.0.0			18.18.2
cpe:2.3:a:nodejs:node.js::::::::	20.0.0			20.8.1

Configuration14		or higher	or less	more than	less than
cpe:2.3:a:microsoft:cbl-mariner::::::::					2023-10-11

Configuration15		or higher	or less	more than	less than
cpe:2.3:a:dena:h2o::::::::					2023-10-10

Configuration16		or higher	or less	more than	less than
cpe:2.3:a:facebook:proxygen::::::::					2023.10.16.00

Configuration17	or higher	or less	more than	less than
cpe:2.3:a:apache:traffic_server::::::::	9.0.0			9.2.3
cpe:2.3:a:apache:traffic_server::::::::	8.0.0			8.1.9
cpe:2.3:a:apache:apisix::::::::				3.6.1

Configuration18		or higher	or less	more than	less than
cpe:2.3:a:amazon:opensearch_data_prepper::::::::					2.5.0

Configuration19	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*

Configuration20		or higher	or less	more than	less than
cpe:2.3:a:kazu-yamamoto:http2::::::::					4.2.2

Configuration21	or higher	or less	more than	less than
cpe:2.3:a:istio:istio::::::::	1.19.0			1.19.1
cpe:2.3:a:istio:istio::::::::	1.18.0			1.18.3
cpe:2.3:a:istio:istio::::::::				1.17.6

Configuration22		or higher	or less	more than	less than
cpe:2.3:a:varnish_cache_project:varnish_cache::::::::					2023-10-10

Configuration23	or higher	or less	more than	less than
cpe:2.3:a:traefik:traefik:3.0.0:beta3::::::
cpe:2.3:a:traefik:traefik:3.0.0:beta2::::::
cpe:2.3:a:traefik:traefik:3.0.0:beta1::::::
cpe:2.3:a:traefik:traefik::::::::				2.10.5

Configuration24		or higher	or less	more than	less than
cpe:2.3:a:projectcontour:contour::::::kubernetes::*					2023-10-11

Configuration25	or higher	or less	more than	less than
cpe:2.3:a:linkerd:linkerd:2.13.0::::stable:kubernetes::*
cpe:2.3:a:linkerd:linkerd:2.13.1::::stable:kubernetes::*
cpe:2.3:a:linkerd:linkerd:2.14.0::::stable:kubernetes::*
cpe:2.3:a:linkerd:linkerd:2.14.1::::stable:kubernetes::*
cpe:2.3:a:linkerd:linkerd:::::stable:kubernetes::	2.12.0	2.12.5

Configuration26		or higher	or less	more than	less than
cpe:2.3:a:linecorp:armeria::::::::					1.26.0

Configuration27	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
cpe:2.3:a:redhat:jboss_fuse:6.0.0:::::::*
cpe:2.3:a:redhat:satellite:6.0:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:::::::*
cpe:2.3:a:redhat:decision_manager:7.0:::::::*
cpe:2.3:a:redhat:jboss_core_services:-:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:a:redhat:single_sign-on:7.0:::::::*
cpe:2.3:a:redhat:jboss_fuse:7.0.0:::::::*
cpe:2.3:a:redhat:process_automation:7.0:::::::*
cpe:2.3:a:redhat:jboss_data_grid:7.0.0:::::::*
cpe:2.3:a:redhat:quay:3.0.0:::::::*
cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
cpe:2.3:a:redhat:openstack_platform:16.1:::::::*
cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:::::::*
cpe:2.3:a:redhat:build_of_quarkus:-:::::::*
cpe:2.3:a:redhat:integration_service_registry:-:::::::*
cpe:2.3:a:redhat:integration_camel_k:-:::::::*
cpe:2.3:a:redhat:openshift_service_mesh:2.0:::::::*
cpe:2.3:a:redhat:jboss_a-mq:7:::::::*
cpe:2.3:a:redhat:3scale_api_management_platform:2.0:::::::*
cpe:2.3:a:redhat:ceph_storage:5.0:::::::*
cpe:2.3:a:redhat:openstack_platform:16.2:::::::*
cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
cpe:2.3:a:redhat:ansible_automation_platform:2.0:::::::*
cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:::::::*
cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:::::::*
cpe:2.3:a:redhat:openshift_api_for_data_protection:-:::::::*
cpe:2.3:a:redhat:openshift_serverless:-:::::::*
cpe:2.3:a:redhat:build_of_optaplanner:8.0:::::::*
cpe:2.3:a:redhat:openshift_data_science:-:::::::*
cpe:2.3:a:redhat:advanced_cluster_security:4.0:::::::*
cpe:2.3:a:redhat:advanced_cluster_security:3.0:::::::*
cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:::::::*
cpe:2.3:a:redhat:openshift_dev_spaces:-:::::::*
cpe:2.3:a:redhat:cost_management:-:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:::::::*
cpe:2.3:a:redhat:jboss_a-mq_streams:-:::::::*
cpe:2.3:a:redhat:cryostat:2.0:::::::*
cpe:2.3:a:redhat:network_observability_operator:-:::::::*
cpe:2.3:a:redhat:node_healthcheck_operator:-:::::::*
cpe:2.3:a:redhat:openshift_gitops:-:::::::*
cpe:2.3:a:redhat:openshift_virtualization:4:::::::*
cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:::::::*
cpe:2.3:a:redhat:openshift_pipelines:-:::::::*
cpe:2.3:a:redhat:openshift_sandboxed_containers:-:::::::*
cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:::::::*
cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:::::::*
cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:::::::*
cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_containers:-:::::::*
cpe:2.3:a:redhat:openstack_platform:17.1:::::::*
cpe:2.3:a:redhat:openshift:-:::::aws::
cpe:2.3:a:redhat:run_once_duration_override_operator:-:::::::*
cpe:2.3:a:redhat:service_interconnect:1.0:::::::*
cpe:2.3:a:redhat:openshift_distributed_tracing:-:::::::*
cpe:2.3:a:redhat:support_for_spring_boot:-:::::::*
cpe:2.3:a:redhat:web_terminal:-:::::::*
cpe:2.3:a:redhat:node_maintenance_operator:-:::::::*
cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:::::::*
cpe:2.3:a:redhat:fence_agents_remediation_operator:-:::::::*
cpe:2.3:a:redhat:self_node_remediation_operator:-:::::::*

Configuration28		or higher	or less	more than	less than
cpe:2.3:a:redhat:service_telemetry_framework:1.5:::::::*
execution environment
1	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

Configuration29	or higher	or less	more than	less than
cpe:2.3:o:fedoraproject:fedora:37:::::::*
cpe:2.3:o:fedoraproject:fedora:38:::::::*

Configuration30	or higher	or less	more than	less than
cpe:2.3:a:netapp:oncommand_insight:-:::::::*
cpe:2.3:a:netapp:astra_control_center:-:::::::*

Configuration31		or higher	or less	more than	less than
cpe:2.3:a:akka:http_server::::::::					10.5.3

Configuration32		or higher	or less	more than	less than
cpe:2.3:a:konghq:kong_gateway:::::enterprise:::*					3.4.2

Configuration33	or higher	or less	more than	less than
cpe:2.3:a:jenkins:jenkins:::::-:::*		2.427
cpe:2.3:a:jenkins:jenkins:::::lts:::*		2.414.2

Configuration34		or higher	or less	more than	less than
cpe:2.3:a:apache:solr::::::::					9.4.0

Configuration35		or higher	or less	more than	less than
cpe:2.3:a:openresty:openresty::::::::					1.21.4.3

Configuration36	or higher	or less	more than	less than
cpe:2.3:a:cisco:unified_contact_center_enterprise:-:::::::*
cpe:2.3:a:cisco:prime_infrastructure::::::::				3.10.4
cpe:2.3:a:cisco:secure_malware_analytics::::::::				2.19.2
cpe:2.3:a:cisco:secure_dynamic_attributes_connector::::::::				2.2.0
cpe:2.3:a:cisco:firepower_threat_defense::::::::				7.4.2
cpe:2.3:o:cisco:fog_director::::::::				1.22
cpe:2.3:o:cisco:ios_xe::::::::				17.15.1
cpe:2.3:a:cisco:prime_network_registrar::::::::				11.2
cpe:2.3:a:cisco:prime_cable_provisioning::::::::				7.2.1
cpe:2.3:a:cisco:prime_access_registrar::::::::				9.3.3
cpe:2.3:a:cisco:data_center_network_manager:-:::::::*
cpe:2.3:a:cisco:iot_field_network_director::::::::				4.11.0
cpe:2.3:o:cisco:ios_xr::::::::				7.11.2
cpe:2.3:a:cisco:crosswork_zero_touch_provisioning::::::::				6.0.0
cpe:2.3:a:cisco:crosswork_data_gateway:5.0:::::::*
cpe:2.3:a:cisco:crosswork_data_gateway::::::::				4.1.3
cpe:2.3:a:cisco:expressway::::::::				x14.3.3
cpe:2.3:a:cisco:connected_mobile_experiences::::::::				11.1
cpe:2.3:a:cisco:telepresence_video_communication_server::::::::				x14.3.3
cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server::::::::				12.6.2
cpe:2.3:a:cisco:unified_contact_center_management_portal:-:::::::*
cpe:2.3:a:cisco:unified_attendant_console_advanced:-:::::::*
cpe:2.3:a:cisco:enterprise_chat_and_email:-:::::::*
cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function::::::::				2024.02.0
cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function::::::::				2024.02.0
cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function::::::::				2024.01.0
cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:::::::*

Configuration37		or higher	or less	more than	less than
cpe:2.3:o:cisco:secure_web_appliance_firmware::::::::					15.1.0
execution environment
1	cpe:2.3:h:cisco:secure_web_appliance:-:::::::*

Configuration38		or higher	or less	more than	less than
cpe:2.3:o:cisco:nx-os::::::::					10.2\(7\)
cpe:2.3:o:cisco:nx-os::::::::		10.3\(1\)			10.3\(5\)
execution environment
1	cpe:2.3:h:cisco:nexus_3016:-:::::::*
2	cpe:2.3:h:cisco:nexus_3016q:-:::::::*
3	cpe:2.3:h:cisco:nexus_3048:-:::::::*
4	cpe:2.3:h:cisco:nexus_3064:-:::::::*
5	cpe:2.3:h:cisco:nexus_3064-32t:-:::::::*
6	cpe:2.3:h:cisco:nexus_3064-t:-:::::::*
7	cpe:2.3:h:cisco:nexus_3064-x:-:::::::*
8	cpe:2.3:h:cisco:nexus_3064t:-:::::::*
9	cpe:2.3:h:cisco:nexus_3064x:-:::::::*
10	cpe:2.3:h:cisco:nexus_3100:-:::::::*
11	cpe:2.3:h:cisco:nexus_3100-v:-:::::::*
12	cpe:2.3:h:cisco:nexus_3100-z:-:::::::*
13	cpe:2.3:h:cisco:nexus_3100v:-:::::::*
14	cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::*
15	cpe:2.3:h:cisco:nexus_31108pv-v:-:::::::*
16	cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::*
17	cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
18	cpe:2.3:h:cisco:nexus_3132c-z:-:::::::*
19	cpe:2.3:h:cisco:nexus_3132q:-:::::::*
20	cpe:2.3:h:cisco:nexus_3132q-v:-:::::::*
21	cpe:2.3:h:cisco:nexus_3132q-x:-:::::::*
22	cpe:2.3:h:cisco:nexus_3132q-x\/3132q-xl:-:::::::*
23	cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::*
24	cpe:2.3:h:cisco:nexus_3164q:-:::::::*
25	cpe:2.3:h:cisco:nexus_3172:-:::::::*
26	cpe:2.3:h:cisco:nexus_3172pq:-:::::::*
27	cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::*
28	cpe:2.3:h:cisco:nexus_3172pq\/pq-xl:-:::::::*
29	cpe:2.3:h:cisco:nexus_3172tq:-:::::::*
30	cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::*
31	cpe:2.3:h:cisco:nexus_3172tq-xl:-:::::::*
32	cpe:2.3:h:cisco:nexus_3200:-:::::::*
33	cpe:2.3:h:cisco:nexus_3232:-:::::::*
34	cpe:2.3:h:cisco:nexus_3232c:-:::::::*
35	cpe:2.3:h:cisco:nexus_3232c_:-:::::::*
36	cpe:2.3:h:cisco:nexus_3264c-e:-:::::::*
37	cpe:2.3:h:cisco:nexus_3264q:-:::::::*
38	cpe:2.3:h:cisco:nexus_3400:-:::::::*
39	cpe:2.3:h:cisco:nexus_3408-s:-:::::::*
40	cpe:2.3:h:cisco:nexus_34180yc:-:::::::*
41	cpe:2.3:h:cisco:nexus_34200yc-sm:-:::::::*
42	cpe:2.3:h:cisco:nexus_3432d-s:-:::::::*
43	cpe:2.3:h:cisco:nexus_3464c:-:::::::*
44	cpe:2.3:h:cisco:nexus_3500:-:::::::*
45	cpe:2.3:h:cisco:nexus_3524:-:::::::*
46	cpe:2.3:h:cisco:nexus_3524-x:-:::::::*
47	cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::*
48	cpe:2.3:h:cisco:nexus_3524-xl:-:::::::*
49	cpe:2.3:h:cisco:nexus_3548:-:::::::*
50	cpe:2.3:h:cisco:nexus_3548-x:-:::::::*
51	cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::*
52	cpe:2.3:h:cisco:nexus_3548-xl:-:::::::*
53	cpe:2.3:h:cisco:nexus_3600:-:::::::*
54	cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::*
55	cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*

Configuration39		or higher	or less	more than	less than
cpe:2.3:o:cisco:nx-os::::::::					10.2\(7\)
cpe:2.3:o:cisco:nx-os::::::::		10.3\(1\)			10.3\(5\)
execution environment
1	cpe:2.3:h:cisco:nexus_9000v:-:::::::*
2	cpe:2.3:h:cisco:nexus_9200:-:::::::*
3	cpe:2.3:h:cisco:nexus_9200yc:-:::::::*
4	cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
5	cpe:2.3:h:cisco:nexus_92160yc_switch:-:::::::*
6	cpe:2.3:h:cisco:nexus_9221c:-:::::::*
7	cpe:2.3:h:cisco:nexus_92300yc:-:::::::*
8	cpe:2.3:h:cisco:nexus_92300yc_switch:-:::::::*
9	cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
10	cpe:2.3:h:cisco:nexus_92304qc_switch:-:::::::*
11	cpe:2.3:h:cisco:nexus_9232e:-:::::::*
12	cpe:2.3:h:cisco:nexus_92348gc-x:-:::::::*
13	cpe:2.3:h:cisco:nexus_9236c:-:::::::*
14	cpe:2.3:h:cisco:nexus_9236c_switch:-:::::::*
15	cpe:2.3:h:cisco:nexus_9272q:-:::::::*
16	cpe:2.3:h:cisco:nexus_9272q_switch:-:::::::*
17	cpe:2.3:h:cisco:nexus_9300:-:::::::*
18	cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
19	cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:::::::*
20	cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:::::::*
21	cpe:2.3:h:cisco:nexus_93108tc-fx:-:::::::*
22	cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:::::::*
23	cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:::::::*
24	cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:::::::*
25	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
26	cpe:2.3:h:cisco:nexus_93120tx_switch:-:::::::*
27	cpe:2.3:h:cisco:nexus_93128:-:::::::*
28	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
29	cpe:2.3:h:cisco:nexus_93128tx_switch:-:::::::*
30	cpe:2.3:h:cisco:nexus_9316d-gx:-:::::::*
31	cpe:2.3:h:cisco:nexus_93180lc-ex:-:::::::*
32	cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:::::::*
33	cpe:2.3:h:cisco:nexus_93180tc-ex:-:::::::*
34	cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
35	cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:::::::*
36	cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:::::::*
37	cpe:2.3:h:cisco:nexus_93180yc-fx:-:::::::*
38	cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:::::::*
39	cpe:2.3:h:cisco:nexus_93180yc-fx3:-:::::::*
40	cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:::::::*
41	cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:::::::*
42	cpe:2.3:h:cisco:nexus_93216tc-fx2:-:::::::*
43	cpe:2.3:h:cisco:nexus_93240tc-fx2:-:::::::*
44	cpe:2.3:h:cisco:nexus_93240yc-fx2:-:::::::*
45	cpe:2.3:h:cisco:nexus_9332c:-:::::::*
46	cpe:2.3:h:cisco:nexus_9332d-gx2b:-:::::::*
47	cpe:2.3:h:cisco:nexus_9332d-h2r:-:::::::*
48	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
49	cpe:2.3:h:cisco:nexus_9332pq_switch:-:::::::*
50	cpe:2.3:h:cisco:nexus_93360yc-fx2:-:::::::*
51	cpe:2.3:h:cisco:nexus_9336c-fx2:-:::::::*
52	cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:::::::*
53	cpe:2.3:h:cisco:nexus_9336pq:-:::::::*
54	cpe:2.3:h:cisco:nexus_9336pq_aci:-:::::::*
55	cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::*
56	cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:::::::*
57	cpe:2.3:h:cisco:nexus_9348d-gx2a:-:::::::*
58	cpe:2.3:h:cisco:nexus_9348gc-fx3:-:::::::*
59	cpe:2.3:h:cisco:nexus_9348gc-fxp:-:::::::*
60	cpe:2.3:h:cisco:nexus_93600cd-gx:-:::::::*
61	cpe:2.3:h:cisco:nexus_9364c:-:::::::*
62	cpe:2.3:h:cisco:nexus_9364c-gx:-:::::::*
63	cpe:2.3:h:cisco:nexus_9364d-gx2a:-:::::::*
64	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
65	cpe:2.3:h:cisco:nexus_9372px-e:-:::::::*
66	cpe:2.3:h:cisco:nexus_9372px-e_switch:-:::::::*
67	cpe:2.3:h:cisco:nexus_9372px_switch:-:::::::*
68	cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
69	cpe:2.3:h:cisco:nexus_9372tx-e:-:::::::*
70	cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:::::::*
71	cpe:2.3:h:cisco:nexus_9372tx_switch:-:::::::*
72	cpe:2.3:h:cisco:nexus_9396px:-:::::::*
73	cpe:2.3:h:cisco:nexus_9396px_switch:-:::::::*
74	cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
75	cpe:2.3:h:cisco:nexus_9396tx_switch:-:::::::*
76	cpe:2.3:h:cisco:nexus_9408:-:::::::*
77	cpe:2.3:h:cisco:nexus_9432pq:-:::::::*
78	cpe:2.3:h:cisco:nexus_9500:-:::::::*
79	cpe:2.3:h:cisco:nexus_9500_16-slot:-:::::::*
80	cpe:2.3:h:cisco:nexus_9500_4-slot:-:::::::*
81	cpe:2.3:h:cisco:nexus_9500_8-slot:-:::::::*
82	cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:::::::*
83	cpe:2.3:h:cisco:nexus_9500_supervisor_a\+:-:::::::*
84	cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:::::::*
85	cpe:2.3:h:cisco:nexus_9500_supervisor_b\+:-:::::::*
86	cpe:2.3:h:cisco:nexus_9500r:-:::::::*
87	cpe:2.3:h:cisco:nexus_9504:-:::::::*
88	cpe:2.3:h:cisco:nexus_9504_switch:-:::::::*
89	cpe:2.3:h:cisco:nexus_9508:-:::::::*
90	cpe:2.3:h:cisco:nexus_9508_switch:-:::::::*
91	cpe:2.3:h:cisco:nexus_9516:-:::::::*
92	cpe:2.3:h:cisco:nexus_9516_switch:-:::::::*
93	cpe:2.3:h:cisco:nexus_9536pq:-:::::::*
94	cpe:2.3:h:cisco:nexus_9636pq:-:::::::*
95	cpe:2.3:h:cisco:nexus_9716d-gx:-:::::::*
96	cpe:2.3:h:cisco:nexus_9736pq:-:::::::*
97	cpe:2.3:h:cisco:nexus_9800:-:::::::*
98	cpe:2.3:h:cisco:nexus_9804:-:::::::*
99	cpe:2.3:h:cisco:nexus_9808:-:::::::*

Related information, measures and tools

No	URL	タグ
1	http://www.openwall.com/lists/oss-security/2023/10/10/6
2	http://www.openwall.com/lists/oss-security/2023/10/10/7
3	http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List Third Party Advisory
4	http://www.openwall.com/lists/oss-security/2023/10/13/4	Mailing List Third Party Advisory
5	http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List Third Party Advisory
6	http://www.openwall.com/lists/oss-security/2023/10/13/9	Mailing List Third Party Advisory
7	http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List Third Party Advisory
8	http://www.openwall.com/lists/oss-security/2023/10/18/4	Mailing List Third Party Advisory
9	http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List Third Party Advisory
10	http://www.openwall.com/lists/oss-security/2023/10/18/8	Mailing List Third Party Advisory
11	http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List Third Party Advisory
12	http://www.openwall.com/lists/oss-security/2023/10/19/6	Mailing List Third Party Advisory
13	http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List
14	http://www.openwall.com/lists/oss-security/2023/10/20/8	Mailing List
15	https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
16	https://access.redhat.com/security/cve/cve-2023-44487	Vendor Advisory
17	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage Third Party Advisory
18	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/	Press/Media Coverage Third Party Advisory
19	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
20	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/	Third Party Advisory
21	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description Vendor Advisory
22	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/	Technical Description Vendor Advisory
23	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory Vendor Advisory
24	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/	Third Party Advisory Vendor Advisory
25	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
26	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/	Vendor Advisory
27	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage Third Party Advisory
28	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack	Press/Media Coverage Third Party Advisory
29	https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
30	https://blog.vespa.ai/cve-2023-44487/	Vendor Advisory
31	https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking Third Party Advisory
32	https://bugzilla.proxmox.com/show_bug.cgi?id=4988	Issue Tracking Third Party Advisory
33	https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking Vendor Advisory
34	https://bugzilla.redhat.com/show_bug.cgi?id=2242803	Issue Tracking Vendor Advisory
35	https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking Vendor Advisory
36	https://bugzilla.suse.com/show_bug.cgi?id=1216123	Issue Tracking Vendor Advisory
37	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List Patch Vendor Advisory
38	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9	Mailing List Patch Vendor Advisory
39	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description Vendor Advisory
40	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/	Technical Description Vendor Advisory
41	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description Vendor Advisory
42	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack	Technical Description Vendor Advisory
43	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
44	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125	Vendor Advisory
45	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
46	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715	Third Party Advisory
47	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Technical Description Third Party Advisory
48	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve	Technical Description Third Party Advisory
49	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
50	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764	Vendor Advisory
51	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking Patch
52	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088	Issue Tracking Patch
53	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
54	https://github.com/advisories/GHSA-qppj-fm5r-hxr3	Vendor Advisory
55	https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation Patch Vendor Advisory
56	https://github.com/advisories/GHSA-vx74-f528-fxqg	Mitigation Patch Vendor Advisory
57	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch Vendor Advisory
58	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p	Patch Vendor Advisory
59	https://github.com/akka/akka-http/issues/4323	Issue Tracking
60	https://github.com/akka/akka-http/issues/4323	Issue Tracking
61	https://github.com/alibaba/tengine/issues/1872	Issue Tracking
62	https://github.com/alibaba/tengine/issues/1872	Issue Tracking
63	https://github.com/apache/apisix/issues/10320	Issue Tracking
64	https://github.com/apache/apisix/issues/10320	Issue Tracking
65	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
66	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113	Product
67	https://github.com/apache/httpd-site/pull/10	Issue Tracking
68	https://github.com/apache/httpd-site/pull/10	Issue Tracking
69	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product Third Party Advisory
70	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2	Product Third Party Advisory
71	https://github.com/apache/trafficserver/pull/10564	Issue Tracking Patch
72	https://github.com/apache/trafficserver/pull/10564	Issue Tracking Patch
73	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
74	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487	Vendor Advisory
75	https://github.com/Azure/AKS/issues/3947	Issue Tracking
76	https://github.com/Azure/AKS/issues/3947	Issue Tracking
77	https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
78	https://github.com/bcdannyboy/CVE-2023-44487	Third Party Advisory
79	https://github.com/caddyserver/caddy/issues/5877	Issue Tracking Vendor Advisory
80	https://github.com/caddyserver/caddy/issues/5877	Issue Tracking Vendor Advisory
81	https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes Third Party Advisory
82	https://github.com/caddyserver/caddy/releases/tag/v2.7.5	Release Notes Third Party Advisory
83	https://github.com/dotnet/announcements/issues/277	Issue Tracking Mitigation Vendor Advisory
84	https://github.com/dotnet/announcements/issues/277	Issue Tracking Mitigation Vendor Advisory
85	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product Release Notes
86	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73	Product Release Notes
87	https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
88	https://github.com/eclipse/jetty.project/issues/10679	Issue Tracking
89	https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking Patch
90	https://github.com/envoyproxy/envoy/pull/30055	Issue Tracking Patch
91	https://github.com/etcd-io/etcd/issues/16740	Issue Tracking Patch
92	https://github.com/etcd-io/etcd/issues/16740	Issue Tracking Patch
93	https://github.com/facebook/proxygen/pull/466	Issue Tracking Patch
94	https://github.com/facebook/proxygen/pull/466	Issue Tracking Patch
95	https://github.com/golang/go/issues/63417	Issue Tracking
96	https://github.com/golang/go/issues/63417	Issue Tracking
97	https://github.com/grpc/grpc/releases/tag/v1.59.2
98	https://github.com/grpc/grpc-go/pull/6703	Issue Tracking Patch
99	https://github.com/grpc/grpc-go/pull/6703	Issue Tracking Patch
100	https://github.com/h2o/h2o/pull/3291	Issue Tracking Patch
101	https://github.com/h2o/h2o/pull/3291	Issue Tracking Patch
102	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
103	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf	Vendor Advisory
104	https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
105	https://github.com/haproxy/haproxy/issues/2312	Issue Tracking
106	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
107	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244	Product
108	https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
109	https://github.com/junkurihara/rust-rpxy/issues/97	Issue Tracking
110	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
111	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1	Patch
112	https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
113	https://github.com/kazu-yamamoto/http2/issues/93	Issue Tracking
114	https://github.com/Kong/kong/discussions/11741	Issue Tracking
115	https://github.com/Kong/kong/discussions/11741	Issue Tracking
116	https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking Patch
117	https://github.com/kubernetes/kubernetes/pull/121120	Issue Tracking Patch
118	https://github.com/line/armeria/pull/5232	Issue Tracking Patch
119	https://github.com/line/armeria/pull/5232	Issue Tracking Patch
120	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
121	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632	Patch
122	https://github.com/micrictor/http2-rst-stream	Exploit Third Party Advisory
123	https://github.com/micrictor/http2-rst-stream	Exploit Third Party Advisory
124	https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking Patch
125	https://github.com/microsoft/CBL-Mariner/pull/6381	Issue Tracking Patch
126	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
127	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61	Patch
128	https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking Patch
129	https://github.com/nghttp2/nghttp2/pull/1961	Issue Tracking Patch
130	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
131	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0	Release Notes
132	https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
133	https://github.com/ninenines/cowboy/issues/1615	Issue Tracking
134	https://github.com/nodejs/node/pull/50121	Issue Tracking
135	https://github.com/nodejs/node/pull/50121	Issue Tracking
136	https://github.com/openresty/openresty/issues/930	Issue Tracking
137	https://github.com/openresty/openresty/issues/930	Issue Tracking
138	https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking Patch
139	https://github.com/opensearch-project/data-prepper/issues/3474	Issue Tracking Patch
140	https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
141	https://github.com/oqtane/oqtane.framework/discussions/3367	Issue Tracking
142	https://github.com/projectcontour/contour/pull/5826	Issue Tracking Patch
143	https://github.com/projectcontour/contour/pull/5826	Issue Tracking Patch
144	https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
145	https://github.com/tempesta-tech/tempesta/issues/1986	Issue Tracking
146	https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
147	https://github.com/varnishcache/varnish-cache/issues/3996	Issue Tracking
148	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List Release Notes Vendor Advisory
149	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo	Mailing List Release Notes Vendor Advisory
150	https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
151	https://istio.io/latest/news/security/istio-security-2023-004/	Vendor Advisory
152	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
153	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/	Vendor Advisory
154	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
155	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q	Mailing List
156	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List Third Party Advisory
157	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html	Mailing List Third Party Advisory
158	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
159	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html	Mailing List
160	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
161	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html	Mailing List
162	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
163	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html	Mailing List
164	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
165	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html	Mailing List
166	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
167	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html	Mailing List
168	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
169	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html	Mailing List
170	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/	Mailing List
171	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/	Mailing List
172	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/	Mailing List
173	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/	Mailing List
174	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/	Mailing List
175	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/	Mailing List
176	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/	Mailing List
177	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/	Mailing List
178	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/	Mailing List
179	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/	Mailing List
180	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/	Mailing List
181	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/	Mailing List
182	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/	Mailing List
183	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/	Mailing List
184	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/	Mailing List
185	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/	Mailing List
186	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/	Mailing List
187	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/	Mailing List
188	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/	Mailing List
189	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/	Mailing List
190	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/	Mailing List Third Party Advisory
191	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
192	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
193	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
194	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
195	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
196	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
197	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
198	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
199	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
200	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
201	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
202	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
203	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
204	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
205	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
206	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
207	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
208	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
209	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
210	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
211	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
212	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List Third Party Advisory
213	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html	Mailing List Third Party Advisory
214	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List Patch Third Party Advisory
215	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html	Mailing List Patch Third Party Advisory
216	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
217	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html	Third Party Advisory
218	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch Vendor Advisory
219	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/	Patch Vendor Advisory
220	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation Patch Vendor Advisory
221	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487	Mitigation Patch Vendor Advisory
222	https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
223	https://my.f5.com/manage/s/article/K000137106	Vendor Advisory
224	https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes Vendor Advisory
225	https://netty.io/news/2023/10/10/4-1-100-Final.html	Release Notes Vendor Advisory
226	https://news.ycombinator.com/item?id=37830987	Issue Tracking
227	https://news.ycombinator.com/item?id=37830987	Issue Tracking
228	https://news.ycombinator.com/item?id=37830998	Issue Tracking Press/Media Coverage
229	https://news.ycombinator.com/item?id=37830998	Issue Tracking Press/Media Coverage
230	https://news.ycombinator.com/item?id=37831062	Issue Tracking
231	https://news.ycombinator.com/item?id=37831062	Issue Tracking
232	https://news.ycombinator.com/item?id=37837043	Issue Tracking
233	https://news.ycombinator.com/item?id=37837043	Issue Tracking
234	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
235	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/	Third Party Advisory
236	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
237	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected	Third Party Advisory
238	https://security.gentoo.org/glsa/202311-09	Third Party Advisory
239	https://security.gentoo.org/glsa/202311-09	Third Party Advisory
240	https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
241	https://security.netapp.com/advisory/ntap-20231016-0001/	Third Party Advisory
242	https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
243	https://security.netapp.com/advisory/ntap-20240426-0007/	Third Party Advisory
244	https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit Third Party Advisory
245	https://security.netapp.com/advisory/ntap-20240621-0006/	Exploit Third Party Advisory
246	https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
247	https://security.netapp.com/advisory/ntap-20240621-0007/	Third Party Advisory
248	https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
249	https://security.paloaltonetworks.com/CVE-2023-44487	Vendor Advisory
250	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
251	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14	Release Notes
252	https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
253	https://ubuntu.com/security/CVE-2023-44487	Vendor Advisory
254	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
255	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/	Third Party Advisory
256	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory US Government Resource
257	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487	Third Party Advisory US Government Resource
258	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage Third Party Advisory
259	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event	Press/Media Coverage Third Party Advisory
260	https://www.debian.org/security/2023/dsa-5521	Mailing List Vendor Advisory
261	https://www.debian.org/security/2023/dsa-5521	Mailing List Vendor Advisory
262	https://www.debian.org/security/2023/dsa-5522	Mailing List Vendor Advisory
263	https://www.debian.org/security/2023/dsa-5522	Mailing List Vendor Advisory
264	https://www.debian.org/security/2023/dsa-5540	Mailing List Third Party Advisory
265	https://www.debian.org/security/2023/dsa-5540	Mailing List Third Party Advisory
266	https://www.debian.org/security/2023/dsa-5549	Mailing List Third Party Advisory
267	https://www.debian.org/security/2023/dsa-5549	Mailing List Third Party Advisory
268	https://www.debian.org/security/2023/dsa-5558	Mailing List Third Party Advisory
269	https://www.debian.org/security/2023/dsa-5558	Mailing List Third Party Advisory
270	https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
271	https://www.debian.org/security/2023/dsa-5570	Third Party Advisory
272	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory Vendor Advisory
273	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487	Third Party Advisory Vendor Advisory
274	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
275	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/	Vendor Advisory
276	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation Vendor Advisory
277	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/	Mitigation Vendor Advisory
278	https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List Third Party Advisory
279	https://www.openwall.com/lists/oss-security/2023/10/10/6	Mailing List Third Party Advisory
280	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
281	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack	Press/Media Coverage
282	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage Third Party Advisory
283	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/	Press/Media Coverage Third Party Advisory
284	https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause	Third Party Advisory

Common Vulnerabilities List

JVN Vulnerability Information

インターネット技術タスクフォース (IETF) の http 等複数ベンダの製品におけるリソースの枯渇に関する脆弱性

Title	インターネット技術タスクフォース (IETF) の http 等複数ベンダの製品におけるリソースの枯渇に関する脆弱性
Summary	インターネット技術タスクフォース (IETF) の http 等複数ベンダの製品には、リソースの枯渇に関する脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。
Publication Date	Oct. 10, 2023, midnight
Registration Date	Dec. 27, 2023, 2:58 p.m.
Last Update	Aug. 27, 2025, 11:36 a.m.

Affected System

Apache Software Foundation

Apache Tomcat 10.1.0 から 10.1.13

Apache Tomcat 11.0.0

Apache Tomcat 8.5.0 から 8.5.93

Apache Tomcat 9.0.0 から 9.0.80

アップル

SwiftNIO HTTP/2 1.28.0 未満

日立

Cosminexus Component Container

Hitachi Infrastructure Analytics Advisor (海外販売のみ)

Hitachi Ops Center Analyzer (海外販売のみ)

Hitachi Ops Center Analyzer viewpoint (海外販売のみ)

Hitachi Ops Center Viewpoint (国内販売のみ)

uCosminexus Application Server

uCosminexus Application Server-R

uCosminexus Developer

uCosminexus Primary Server Base

uCosminexus Service Architect

uCosminexus Service Platform

F5 Networks

BIG-IP Access Policy Manager (APM) 13.1.0 から 13.1.5

BIG-IP Access Policy Manager (APM) 14.1.0 から 14.1.5

BIG-IP Access Policy Manager (APM) 15.1.0 から 15.1.10

BIG-IP Access Policy Manager (APM) 16.1.0 から 16.1.4

BIG-IP Access Policy Manager (APM) 17.1.0

BIG-IP Advanced Firewall Manager (AFM) 13.1.0 から 13.1.5

BIG-IP Advanced Firewall Manager (AFM) 14.1.0 から 14.1.5

BIG-IP Advanced Firewall Manager (AFM) 15.1.0 から 15.1.10

BIG-IP Advanced Firewall Manager (AFM) 16.1.0 から 16.1.4

BIG-IP Advanced Firewall Manager (AFM) 17.1.0

BIG-IP Advanced Web Application Firewall (WAF) 15.1.0 から 15.1.10

BIG-IP Advanced Web Application Firewall (WAF) 16.1.0 から 16.1.4

BIG-IP Advanced Web Application Firewall (WAF) 17.1.0

BIG-IP Advanced Web Application Firewall (WAF) 13.1.0 から 13.1.5

BIG-IP Advanced Web Application Firewall (WAF) 14.1.0 から 14.1.5

BIG-IP Analytics 13.1.0 から 13.1.5

BIG-IP Analytics 14.1.0 から 14.1.5

BIG-IP Analytics 15.1.0 から 15.1.10

BIG-IP Analytics 16.1.0 から 16.1.4

BIG-IP Analytics 17.1.0

BIG-IP Application Acceleration Manager (AAM) 13.1.0 から 13.1.5

BIG-IP Application Acceleration Manager (AAM) 14.1.0 から 14.1.5

BIG-IP Application Acceleration Manager (AAM) 15.1.0 から 15.1.10

BIG-IP Application Acceleration Manager (AAM) 16.1.0 から 16.1.4

BIG-IP Application Acceleration Manager (AAM) 17.1.0

BIG-IP Application Security Manager (ASM) 13.1.0 から 13.1.5

BIG-IP Application Security Manager (ASM) 14.1.0 から 14.1.5

BIG-IP Application Security Manager (ASM) 15.1.0 から 15.1.10

BIG-IP Application Security Manager (ASM) 16.1.0 から 16.1.4

BIG-IP Application Security Manager (ASM) 17.1.0

BIG-IP Application Visibility and Reporting

BIG-IP Carrier-Grade Network Address Translation (CGNAT)

BIG-IP DDoS Hybrid Defender

BIG-IP Domain Name System (DNS)

BIG-IP Fraud Protection Service (FPS)

BIG-IP Global Traffic Manager (GTM)

Eclipse Foundation

Jetty 10.0.0 以上 10.0.17 未満

Jetty 11.0.0 以上 11.0.17 未満

Jetty 12.0.0 以上 12.0.2 未満

Jetty 9.4.53 未満

The Netty project

Netty 4.1.100 未満

The Go Project

Go 1.20.10 未満

Go 1.21.0 以上 1.21.3 未満

http2 0.17.0 未満

networking 0.17.0 未満

nghttp2 project

nghttp2 1.57.0 未満

インターネット技術タスクフォース (IETF)

http 2.0

Light Code Labs

Caddy 2.7.5 未満

Envoy Proxy

Envoy 1.24.10

Envoy 1.25.9

Envoy 1.26.4

Envoy 1.27.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
CISA Known Exploited Vulnerabilities Catalog
1	CVE-2023-44487	https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Common Vulnerabilities and Exposures (CVE)
2	CVE-2023-44487	https://www.cve.org/CVERecord?id=CVE-2023-44487
National Vulnerability Database (NVD)
3	CVE-2023-44487	https://nvd.nist.gov/vuln/detail/CVE-2023-44487

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-400	https://cwe.mitre.org/data/definitions/400.html

ベンダー情報

No	Name	URL
GitHub
1	Add an HTTP/2 related rate limiting #10564	https://github.com/apache/trafficserver/pull/10564
2	Allow HTTP/2 rate control to mitigate HTTP/2 floods (CVE-2023-44487) #10679	https://github.com/eclipse/jetty.project/issues/10679
3	Document non-impact of CVE-2023-44487 #10	https://github.com/apache/httpd-site/pull/10
4	help request: What's the action for CVE-2023-44487 ? #10320	https://github.com/apache/apisix/issues/10320
5	HTTP/2 Rapid Reset : CVE-2023-44487 #5877	https://github.com/caddyserver/caddy/issues/5877
6	http: Fix CVE CVE-2023-44487 #30055	https://github.com/envoyproxy/envoy/pull/30055
7	httpd/modules/http2/h2_mplx.c	https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
8	Merge pull request from GHSA-xpw8-rcwv-8f8p	https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
9	net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) #63417	https://github.com/golang/go/issues/63417
10	nghttp2 v1.57.0	https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
11	Rework session management #1961	https://github.com/nghttp2/nghttp2/pull/1961
12	tomcat/java/org/apache/coyote/http2/	https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
13	v2.7.5	https://github.com/caddyserver/caddy/releases/tag/v2.7.5
Google Groups
14	[security] Go 1.21.3 and Go 1.20.10 are released	https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
Hitachi Software Vulnerability Information
15	hitachi-sec-2024-116	https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-116/index.html
16	hitachi-sec-2024-150	https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-150/index.html
IETF
17	Top Page	https://www.ietf.org/
Pony Mail
18	ATS is vulnerable to a HTTP/2 and s3 auth plugin attacks	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
Security Advisory
19	K000137106	https://my.f5.com/manage/s/article/K000137106
Swift
20	Swift-nio-http2 security update: CVE-2023-44487 HTTP/2 DOS	https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
The Netty project
21	Netty 4.1.100.Final released	https://netty.io/news/2023/10/10/4-1-100-Final.html
ソフトウェア製品セキュリティ情報
22	hitachi-sec-2024-116	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2024-116/index.html
23	hitachi-sec-2024-150	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2024-150/index.html

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-24-074-05	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-05
2	ICSA-24-165-04	https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-04
3	ICSA-24-228-06	https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-06
4	ICSA-24-319-08	https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08
5	ICSA-25-162-05	https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05
6	ICSA-25-203-04	https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-04
JVN
7	JVNVU#92928084	https://jvn.jp/vu/JVNVU92928084/index.html
8	JVNVU#93250330	https://jvn.jp/vu/JVNVU93250330/index.html
9	JVNVU#93656033	https://jvn.jp/vu/JVNVU93656033/
10	JVNVU#96191615	https://jvn.jp/vu/JVNVU96191615/
11	JVNVU#96443907	https://jvn.jp/vu/JVNVU96443907/
12	JVNVU#99084687	https://jvn.jp/vu/JVNVU99084687/index.html
13	JVNVU#99891704	https://jvn.jp/vu/JVNVU99891704/index.html
US-CERT Vulnerability Note
14	VU#767506	https://www.kb.cert.org/vuls/id/767506
関連文書
15	access.redhat.com (cve-2023-44487)	https://access.redhat.com/security/cve/cve-2023-44487
16	arstechnica.com (how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size)	https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
17	aws.amazon.com (AWS-2023-011)	https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
18	blog.cloudflare.com (technical-breakdown-http2-rapid-reset-ddos-attack)	https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
19	blog.cloudflare.com (zero-day-rapid-reset-http2-record-breaking-ddos-attack)	https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
20	blog.litespeedtech.com (rapid-reset-http-2-vulnerablilty)	https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
21	blog.qualys.com (cve-2023-44487-http-2-rapid-reset-attack)	https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
22	blog.vespa.ai (cve-2023-44487)	https://blog.vespa.ai/cve-2023-44487/
23	bugzilla.proxmox.com (4988)	https://bugzilla.proxmox.com/show_bug.cgi?id=4988
24	bugzilla.redhat.com (2242803)	https://bugzilla.redhat.com/show_bug.cgi?id=2242803
25	bugzilla.suse.com (1216123)	https://bugzilla.suse.com/show_bug.cgi?id=1216123
26	cgit.freebsd.org (commit/c64c329c2c1752f46b73e3e6ce9f4329be6629f9)	https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
27	cloud.google.com (google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps)	https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
28	cloud.google.com (how-it-works-the-novel-http2-rapid-reset-ddos-attack)	https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
29	community.traefik.io (is-traefik-vulnerable-to-cve-2023-44487/20125)	https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
30	discuss.hashicorp.com (hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715)	https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
31	edg.io (resets-leaks-ddos-and-the-tale-of-a-hidden-cve)	https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
32	gist.github.com (7c2bfb8e9cdbe4b35a5e131c66a0c088)	https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
33	github.com (4b9c6836471bc8270ab48aae6fd2181bc73fd632)	https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
34	github.com (6.0.23.md?plain=1#L73)	https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
35	github.com (CVE-2023-44487)	https://github.com/bcdannyboy/CVE-2023-44487
36	github.com (CVE-2023-44487)	https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
37	github.com (discussions/11741)	https://github.com/Kong/kong/discussions/11741
38	github.com (discussions/3367)	https://github.com/oqtane/oqtane.framework/discussions/3367
39	github.com (f61d41a502bd0f60eb24e1ce14edc7b6df6722a1)	https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
40	github.com (GHSA-2m7v-gc89-fjqf)	https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
41	github.com (GHSA-qppj-fm5r-hxr3)	https://github.com/advisories/GHSA-qppj-fm5r-hxr3
42	github.com (GHSA-vx74-f528-fxqg)	https://github.com/advisories/GHSA-vx74-f528-fxqg
43	github.com (GHSA-xpw8-rcwv-8f8p)	https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
44	github.com (http2-rst-stream)	https://github.com/micrictor/http2-rst-stream
45	github.com (issues/1615)	https://github.com/ninenines/cowboy/issues/1615
46	github.com (issues/16740)	https://github.com/etcd-io/etcd/issues/16740
47	github.com (issues/1872)	https://github.com/alibaba/tengine/issues/1872
48	github.com (issues/1986)	https://github.com/tempesta-tech/tempesta/issues/1986
49	github.com (issues/2312)	https://github.com/haproxy/haproxy/issues/2312
50	github.com (issues/277)	https://github.com/dotnet/announcements/issues/277
51	github.com (issues/3474)	https://github.com/opensearch-project/data-prepper/issues/3474
52	github.com (issues/3947)	https://github.com/Azure/AKS/issues/3947
53	github.com (issues/3996)	https://github.com/varnishcache/varnish-cache/issues/3996
54	github.com (issues/4323)	https://github.com/akka/akka-http/issues/4323
55	github.com (issues/93)	https://github.com/kazu-yamamoto/http2/issues/93
56	github.com (issues/930)	https://github.com/openresty/openresty/issues/930
57	github.com (issues/97)	https://github.com/junkurihara/rust-rpxy/issues/97
58	github.com (pull/121120)	https://github.com/kubernetes/kubernetes/pull/121120
59	github.com (pull/3291)	https://github.com/h2o/h2o/pull/3291
60	github.com (pull/466)	https://github.com/facebook/proxygen/pull/466
61	github.com (pull/50121)	https://github.com/nodejs/node/pull/50121
62	github.com (pull/5232)	https://github.com/line/armeria/pull/5232
63	github.com (pull/5826)	https://github.com/projectcontour/contour/pull/5826
64	github.com (pull/6381)	https://github.com/microsoft/CBL-Mariner/pull/6381
65	github.com (pull/6703)	https://github.com/grpc/grpc-go/pull/6703
66	github.com (README.md?plain=1#L239-L244)	https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
67	istio.io (istio-security-2023-004)	https://istio.io/latest/news/security/istio-security-2023-004/
68	linkerd.io (linkerd-cve-2023-44487)	https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
69	lists.debian.org (msg00001)	https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
70	lists.debian.org (msg00012)	https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
71	lists.debian.org (msg00020)	https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
72	lists.debian.org (msg00023)	https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
73	lists.debian.org (msg00024)	https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
74	lists.debian.org (msg00045)	https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
75	lists.debian.org (msg00047)	https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
76	lists.fedoraproject.org (2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
77	lists.fedoraproject.org (3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
78	lists.fedoraproject.org (BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
79	lists.fedoraproject.org (CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
80	lists.fedoraproject.org (E72T67UPDRXHIDLO3OROR25YAMN4GGW5)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
81	lists.fedoraproject.org (FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
82	lists.fedoraproject.org (HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
83	lists.fedoraproject.org (JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
84	lists.fedoraproject.org (JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
85	lists.fedoraproject.org (KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
86	lists.fedoraproject.org (LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
87	lists.fedoraproject.org (LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
88	lists.fedoraproject.org (VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
89	lists.fedoraproject.org (VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
90	lists.fedoraproject.org (WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
91	lists.fedoraproject.org (WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
92	lists.fedoraproject.org (X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
93	lists.fedoraproject.org (XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
94	lists.fedoraproject.org (ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
95	lists.fedoraproject.org (ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
96	lists.fedoraproject.org (ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4)	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
97	lists.w3.org (0025)	https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
98	mailman.nginx.org (S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK)	https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
99	martinthomson.github.io (draft-thomson-httpbis-h2-stream-limits)	https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
100	msrc.microsoft.com (CVE-2023-44487)	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
101	msrc.microsoft.com (microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2)	https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
102	news.ycombinator.com (37830987)	https://news.ycombinator.com/item?id=37830987
103	news.ycombinator.com (37830998)	https://news.ycombinator.com/item?id=37830998
104	news.ycombinator.com (37831062)	https://news.ycombinator.com/item?id=37831062
105	news.ycombinator.com (37837043)	https://news.ycombinator.com/item?id=37837043
106	openssf.org (http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response)	https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
107	seanmonstar.com (hyper-http2-rapid-reset-unaffected)	https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
108	security.gentoo.org (202311-09)	https://security.gentoo.org/glsa/202311-09
109	security.netapp.com (ntap-20231016-0001)	https://security.netapp.com/advisory/ntap-20231016-0001/
110	security.paloaltonetworks.com (CVE-2023-44487)	https://security.paloaltonetworks.com/CVE-2023-44487
111	tomcat.apache.org (security-10.html#Fixed_in_Apache_Tomcat_10.1.14)	https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
112	ubuntu.com (CVE-2023-44487)	https://ubuntu.com/security/CVE-2023-44487
113	www.bleepingcomputer.com (new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records)	https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
114	www.cisa.gov (http2-rapid-reset-vulnerability-cve-2023-44487)	https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
115	www.darkreading.com (internet-wide-zero-day-bug-fuels-largest-ever-ddos-event)	https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
116	www.debian.org (dsa-5521)	https://www.debian.org/security/2023/dsa-5521
117	www.debian.org (dsa-5522)	https://www.debian.org/security/2023/dsa-5522
118	www.debian.org (dsa-5540)	https://www.debian.org/security/2023/dsa-5540
119	www.debian.org (dsa-5549)	https://www.debian.org/security/2023/dsa-5549
120	www.debian.org (dsa-5558)	https://www.debian.org/security/2023/dsa-5558
121	www.debian.org (dsa-5570)	https://www.debian.org/security/2023/dsa-5570
122	www.haproxy.com (haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487)	https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
123	www.netlify.com (netlify-successfully-mitigates-cve-2023-44487)	https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
124	www.nginx.com (http-2-rapid-reset-attack-impacting-f5-nginx-products)	https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
125	www.openwall.com (oss-security/2023/10/10/6)	https://www.openwall.com/lists/oss-security/2023/10/10/6
126	www.openwall.com (oss-security/2023/10/13/4)	http://www.openwall.com/lists/oss-security/2023/10/13/4
127	www.openwall.com (oss-security/2023/10/13/9)	http://www.openwall.com/lists/oss-security/2023/10/13/9
128	www.openwall.com (oss-security/2023/10/18/4)	http://www.openwall.com/lists/oss-security/2023/10/18/4
129	www.openwall.com (oss-security/2023/10/18/8)	http://www.openwall.com/lists/oss-security/2023/10/18/8
130	www.openwall.com (oss-security/2023/10/19/6)	http://www.openwall.com/lists/oss-security/2023/10/19/6
131	www.openwall.com (oss-security/2023/10/20/8)	http://www.openwall.com/lists/oss-security/2023/10/20/8
132	www.phoronix.com (HTTP2-Rapid-Reset-Attack)	https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
133	www.theregister.com (http2_rapid_reset_zeroday)	https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/

Change Log

No	Changed Details	Date of change
4	[2024年06月17日] 参考情報：JVN (JVNVU#93250330) を追加参考情報：ICS-CERT ADVISORY (ICSA-24-165-04) を追加	June 17, 2024, 4:42 p.m.
5	[2024年08月19日] 参考情報：JVN (JVNVU#99084687) を追加参考情報：ICS-CERT ADVISORY (ICSA-24-228-06) を追加	Aug. 19, 2024, 2:08 p.m.
6	[2024年11月19日] 参考情報：JVN (JVNVU#96191615) を追加参考情報：ICS-CERT ADVISORY (ICSA-24-319-08) を追加	Nov. 19, 2024, 10:50 a.m.
7	[2024年12月18日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2024-150) を追加	Dec. 18, 2024, 12:27 p.m.
8	[2025年06月16日] 参考情報：JVN (JVNVU#96443907) を追加参考情報：ICS-CERT ADVISORY (ICSA-25-162-05) を追加	June 16, 2025, 1:45 p.m.
9	[2025年07月24日] 参考情報：JVN (JVNVU#99891704) を追加参考情報：ICS-CERT ADVISORY (ICSA-25-203-04) を追加	July 24, 2025, 1:58 p.m.
3	[2024年03月27日] 参考情報：JVN (JVNVU#93656033) を追加参考情報：ICS-CERT ADVISORY (ICSA-24-074-05) を追加	March 27, 2024, 5:43 p.m.
1	[2023年12月27日] 掲載	Dec. 27, 2023, 2:58 p.m.
2	[2024年03月13日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2024-116) を追加	March 13, 2024, 11:43 a.m.
10	[2025年08月27日] 参考情報：JVN (JVNVU#92928084) を追加参考情報：US-CERT Vulnerability Note (VU#767506) を追加	Aug. 27, 2025, 11:23 a.m.

Configuration9	or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:11.0.0:milestone1::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone2::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone4::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone3::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone5::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone7::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone8::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone9::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone10::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone6::::::
cpe:2.3:a:apache:tomcat:11.0.0:milestone11::::::
cpe:2.3:a:apache:tomcat::::::::	9.0.0	9.0.80
cpe:2.3:a:apache:tomcat::::::::	8.5.0	8.5.93
cpe:2.3:a:apache:tomcat::::::::	10.1.0	10.1.13

Configuration27	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
cpe:2.3:a:redhat:jboss_fuse:6.0.0:::::::*
cpe:2.3:a:redhat:satellite:6.0:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:::::::*
cpe:2.3:a:redhat:decision_manager:7.0:::::::*
cpe:2.3:a:redhat:jboss_core_services:-:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:a:redhat:single_sign-on:7.0:::::::*
cpe:2.3:a:redhat:jboss_fuse:7.0.0:::::::*
cpe:2.3:a:redhat:process_automation:7.0:::::::*
cpe:2.3:a:redhat:jboss_data_grid:7.0.0:::::::*
cpe:2.3:a:redhat:quay:3.0.0:::::::*
cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
cpe:2.3:a:redhat:openstack_platform:16.1:::::::*
cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:::::::*
cpe:2.3:a:redhat:build_of_quarkus:-:::::::*
cpe:2.3:a:redhat:integration_service_registry:-:::::::*
cpe:2.3:a:redhat:integration_camel_k:-:::::::*
cpe:2.3:a:redhat:openshift_service_mesh:2.0:::::::*
cpe:2.3:a:redhat:jboss_a-mq:7:::::::*
cpe:2.3:a:redhat:3scale_api_management_platform:2.0:::::::*
cpe:2.3:a:redhat:ceph_storage:5.0:::::::*
cpe:2.3:a:redhat:openstack_platform:16.2:::::::*
cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
cpe:2.3:a:redhat:ansible_automation_platform:2.0:::::::*
cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:::::::*
cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:::::::*
cpe:2.3:a:redhat:openshift_api_for_data_protection:-:::::::*
cpe:2.3:a:redhat:openshift_serverless:-:::::::*
cpe:2.3:a:redhat:build_of_optaplanner:8.0:::::::*
cpe:2.3:a:redhat:openshift_data_science:-:::::::*
cpe:2.3:a:redhat:advanced_cluster_security:4.0:::::::*
cpe:2.3:a:redhat:advanced_cluster_security:3.0:::::::*
cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:::::::*
cpe:2.3:a:redhat:openshift_dev_spaces:-:::::::*
cpe:2.3:a:redhat:cost_management:-:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:::::::*
cpe:2.3:a:redhat:jboss_a-mq_streams:-:::::::*
cpe:2.3:a:redhat:cryostat:2.0:::::::*
cpe:2.3:a:redhat:network_observability_operator:-:::::::*
cpe:2.3:a:redhat:node_healthcheck_operator:-:::::::*
cpe:2.3:a:redhat:openshift_gitops:-:::::::*
cpe:2.3:a:redhat:openshift_virtualization:4:::::::*
cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:::::::*
cpe:2.3:a:redhat:openshift_pipelines:-:::::::*
cpe:2.3:a:redhat:openshift_sandboxed_containers:-:::::::*
cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:::::::*
cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:::::::*
cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:::::::*
cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:::::::*
cpe:2.3:a:redhat:migration_toolkit_for_containers:-:::::::*
cpe:2.3:a:redhat:openstack_platform:17.1:::::::*
cpe:2.3:a:redhat:openshift:-:::::aws::
cpe:2.3:a:redhat:run_once_duration_override_operator:-:::::::*
cpe:2.3:a:redhat:service_interconnect:1.0:::::::*
cpe:2.3:a:redhat:openshift_distributed_tracing:-:::::::*
cpe:2.3:a:redhat:support_for_spring_boot:-:::::::*
cpe:2.3:a:redhat:web_terminal:-:::::::*
cpe:2.3:a:redhat:node_maintenance_operator:-:::::::*
cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:::::::*
cpe:2.3:a:redhat:fence_agents_remediation_operator:-:::::::*
cpe:2.3:a:redhat:self_node_remediation_operator:-:::::::*

Configuration36	or higher	or less	more than	less than
cpe:2.3:a:cisco:unified_contact_center_enterprise:-:::::::*
cpe:2.3:a:cisco:prime_infrastructure::::::::				3.10.4
cpe:2.3:a:cisco:secure_malware_analytics::::::::				2.19.2
cpe:2.3:a:cisco:secure_dynamic_attributes_connector::::::::				2.2.0
cpe:2.3:a:cisco:firepower_threat_defense::::::::				7.4.2
cpe:2.3:o:cisco:fog_director::::::::				1.22
cpe:2.3:o:cisco:ios_xe::::::::				17.15.1
cpe:2.3:a:cisco:prime_network_registrar::::::::				11.2
cpe:2.3:a:cisco:prime_cable_provisioning::::::::				7.2.1
cpe:2.3:a:cisco:prime_access_registrar::::::::				9.3.3
cpe:2.3:a:cisco:data_center_network_manager:-:::::::*
cpe:2.3:a:cisco:iot_field_network_director::::::::				4.11.0
cpe:2.3:o:cisco:ios_xr::::::::				7.11.2
cpe:2.3:a:cisco:crosswork_zero_touch_provisioning::::::::				6.0.0
cpe:2.3:a:cisco:crosswork_data_gateway:5.0:::::::*
cpe:2.3:a:cisco:crosswork_data_gateway::::::::				4.1.3
cpe:2.3:a:cisco:expressway::::::::				x14.3.3
cpe:2.3:a:cisco:connected_mobile_experiences::::::::				11.1
cpe:2.3:a:cisco:telepresence_video_communication_server::::::::				x14.3.3
cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:::::::*
cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server::::::::				12.6.2
cpe:2.3:a:cisco:unified_contact_center_management_portal:-:::::::*
cpe:2.3:a:cisco:unified_attendant_console_advanced:-:::::::*
cpe:2.3:a:cisco:enterprise_chat_and_email:-:::::::*
cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function::::::::				2024.02.0
cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function::::::::				2024.02.0
cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function::::::::				2024.01.0
cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:::::::*

Configuration38		or higher	or less	more than	less than
cpe:2.3:o:cisco:nx-os::::::::					10.2\(7\)
cpe:2.3:o:cisco:nx-os::::::::		10.3\(1\)			10.3\(5\)
execution environment
1	cpe:2.3:h:cisco:nexus_3016:-:::::::*
2	cpe:2.3:h:cisco:nexus_3016q:-:::::::*
3	cpe:2.3:h:cisco:nexus_3048:-:::::::*
4	cpe:2.3:h:cisco:nexus_3064:-:::::::*
5	cpe:2.3:h:cisco:nexus_3064-32t:-:::::::*
6	cpe:2.3:h:cisco:nexus_3064-t:-:::::::*
7	cpe:2.3:h:cisco:nexus_3064-x:-:::::::*
8	cpe:2.3:h:cisco:nexus_3064t:-:::::::*
9	cpe:2.3:h:cisco:nexus_3064x:-:::::::*
10	cpe:2.3:h:cisco:nexus_3100:-:::::::*
11	cpe:2.3:h:cisco:nexus_3100-v:-:::::::*
12	cpe:2.3:h:cisco:nexus_3100-z:-:::::::*
13	cpe:2.3:h:cisco:nexus_3100v:-:::::::*
14	cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::*
15	cpe:2.3:h:cisco:nexus_31108pv-v:-:::::::*
16	cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::*
17	cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
18	cpe:2.3:h:cisco:nexus_3132c-z:-:::::::*
19	cpe:2.3:h:cisco:nexus_3132q:-:::::::*
20	cpe:2.3:h:cisco:nexus_3132q-v:-:::::::*
21	cpe:2.3:h:cisco:nexus_3132q-x:-:::::::*
22	cpe:2.3:h:cisco:nexus_3132q-x\/3132q-xl:-:::::::*
23	cpe:2.3:h:cisco:nexus_3132q-xl:-:::::::*
24	cpe:2.3:h:cisco:nexus_3164q:-:::::::*
25	cpe:2.3:h:cisco:nexus_3172:-:::::::*
26	cpe:2.3:h:cisco:nexus_3172pq:-:::::::*
27	cpe:2.3:h:cisco:nexus_3172pq-xl:-:::::::*
28	cpe:2.3:h:cisco:nexus_3172pq\/pq-xl:-:::::::*
29	cpe:2.3:h:cisco:nexus_3172tq:-:::::::*
30	cpe:2.3:h:cisco:nexus_3172tq-32t:-:::::::*
31	cpe:2.3:h:cisco:nexus_3172tq-xl:-:::::::*
32	cpe:2.3:h:cisco:nexus_3200:-:::::::*
33	cpe:2.3:h:cisco:nexus_3232:-:::::::*
34	cpe:2.3:h:cisco:nexus_3232c:-:::::::*
35	cpe:2.3:h:cisco:nexus_3232c_:-:::::::*
36	cpe:2.3:h:cisco:nexus_3264c-e:-:::::::*
37	cpe:2.3:h:cisco:nexus_3264q:-:::::::*
38	cpe:2.3:h:cisco:nexus_3400:-:::::::*
39	cpe:2.3:h:cisco:nexus_3408-s:-:::::::*
40	cpe:2.3:h:cisco:nexus_34180yc:-:::::::*
41	cpe:2.3:h:cisco:nexus_34200yc-sm:-:::::::*
42	cpe:2.3:h:cisco:nexus_3432d-s:-:::::::*
43	cpe:2.3:h:cisco:nexus_3464c:-:::::::*
44	cpe:2.3:h:cisco:nexus_3500:-:::::::*
45	cpe:2.3:h:cisco:nexus_3524:-:::::::*
46	cpe:2.3:h:cisco:nexus_3524-x:-:::::::*
47	cpe:2.3:h:cisco:nexus_3524-x\/xl:-:::::::*
48	cpe:2.3:h:cisco:nexus_3524-xl:-:::::::*
49	cpe:2.3:h:cisco:nexus_3548:-:::::::*
50	cpe:2.3:h:cisco:nexus_3548-x:-:::::::*
51	cpe:2.3:h:cisco:nexus_3548-x\/xl:-:::::::*
52	cpe:2.3:h:cisco:nexus_3548-xl:-:::::::*
53	cpe:2.3:h:cisco:nexus_3600:-:::::::*
54	cpe:2.3:h:cisco:nexus_36180yc-r:-:::::::*
55	cpe:2.3:h:cisco:nexus_3636c-r:-:::::::*

Configuration39		or higher	or less	more than	less than
cpe:2.3:o:cisco:nx-os::::::::					10.2\(7\)
cpe:2.3:o:cisco:nx-os::::::::		10.3\(1\)			10.3\(5\)
execution environment
1	cpe:2.3:h:cisco:nexus_9000v:-:::::::*
2	cpe:2.3:h:cisco:nexus_9200:-:::::::*
3	cpe:2.3:h:cisco:nexus_9200yc:-:::::::*
4	cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
5	cpe:2.3:h:cisco:nexus_92160yc_switch:-:::::::*
6	cpe:2.3:h:cisco:nexus_9221c:-:::::::*
7	cpe:2.3:h:cisco:nexus_92300yc:-:::::::*
8	cpe:2.3:h:cisco:nexus_92300yc_switch:-:::::::*
9	cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
10	cpe:2.3:h:cisco:nexus_92304qc_switch:-:::::::*
11	cpe:2.3:h:cisco:nexus_9232e:-:::::::*
12	cpe:2.3:h:cisco:nexus_92348gc-x:-:::::::*
13	cpe:2.3:h:cisco:nexus_9236c:-:::::::*
14	cpe:2.3:h:cisco:nexus_9236c_switch:-:::::::*
15	cpe:2.3:h:cisco:nexus_9272q:-:::::::*
16	cpe:2.3:h:cisco:nexus_9272q_switch:-:::::::*
17	cpe:2.3:h:cisco:nexus_9300:-:::::::*
18	cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
19	cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:::::::*
20	cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:::::::*
21	cpe:2.3:h:cisco:nexus_93108tc-fx:-:::::::*
22	cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:::::::*
23	cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:::::::*
24	cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:::::::*
25	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
26	cpe:2.3:h:cisco:nexus_93120tx_switch:-:::::::*
27	cpe:2.3:h:cisco:nexus_93128:-:::::::*
28	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
29	cpe:2.3:h:cisco:nexus_93128tx_switch:-:::::::*
30	cpe:2.3:h:cisco:nexus_9316d-gx:-:::::::*
31	cpe:2.3:h:cisco:nexus_93180lc-ex:-:::::::*
32	cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:::::::*
33	cpe:2.3:h:cisco:nexus_93180tc-ex:-:::::::*
34	cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
35	cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:::::::*
36	cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:::::::*
37	cpe:2.3:h:cisco:nexus_93180yc-fx:-:::::::*
38	cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:::::::*
39	cpe:2.3:h:cisco:nexus_93180yc-fx3:-:::::::*
40	cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:::::::*
41	cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:::::::*
42	cpe:2.3:h:cisco:nexus_93216tc-fx2:-:::::::*
43	cpe:2.3:h:cisco:nexus_93240tc-fx2:-:::::::*
44	cpe:2.3:h:cisco:nexus_93240yc-fx2:-:::::::*
45	cpe:2.3:h:cisco:nexus_9332c:-:::::::*
46	cpe:2.3:h:cisco:nexus_9332d-gx2b:-:::::::*
47	cpe:2.3:h:cisco:nexus_9332d-h2r:-:::::::*
48	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
49	cpe:2.3:h:cisco:nexus_9332pq_switch:-:::::::*
50	cpe:2.3:h:cisco:nexus_93360yc-fx2:-:::::::*
51	cpe:2.3:h:cisco:nexus_9336c-fx2:-:::::::*
52	cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:::::::*
53	cpe:2.3:h:cisco:nexus_9336pq:-:::::::*
54	cpe:2.3:h:cisco:nexus_9336pq_aci:-:::::::*
55	cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::*
56	cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:::::::*
57	cpe:2.3:h:cisco:nexus_9348d-gx2a:-:::::::*
58	cpe:2.3:h:cisco:nexus_9348gc-fx3:-:::::::*
59	cpe:2.3:h:cisco:nexus_9348gc-fxp:-:::::::*
60	cpe:2.3:h:cisco:nexus_93600cd-gx:-:::::::*
61	cpe:2.3:h:cisco:nexus_9364c:-:::::::*
62	cpe:2.3:h:cisco:nexus_9364c-gx:-:::::::*
63	cpe:2.3:h:cisco:nexus_9364d-gx2a:-:::::::*
64	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
65	cpe:2.3:h:cisco:nexus_9372px-e:-:::::::*
66	cpe:2.3:h:cisco:nexus_9372px-e_switch:-:::::::*
67	cpe:2.3:h:cisco:nexus_9372px_switch:-:::::::*
68	cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
69	cpe:2.3:h:cisco:nexus_9372tx-e:-:::::::*
70	cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:::::::*
71	cpe:2.3:h:cisco:nexus_9372tx_switch:-:::::::*
72	cpe:2.3:h:cisco:nexus_9396px:-:::::::*
73	cpe:2.3:h:cisco:nexus_9396px_switch:-:::::::*
74	cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
75	cpe:2.3:h:cisco:nexus_9396tx_switch:-:::::::*
76	cpe:2.3:h:cisco:nexus_9408:-:::::::*
77	cpe:2.3:h:cisco:nexus_9432pq:-:::::::*
78	cpe:2.3:h:cisco:nexus_9500:-:::::::*
79	cpe:2.3:h:cisco:nexus_9500_16-slot:-:::::::*
80	cpe:2.3:h:cisco:nexus_9500_4-slot:-:::::::*
81	cpe:2.3:h:cisco:nexus_9500_8-slot:-:::::::*
82	cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:::::::*
83	cpe:2.3:h:cisco:nexus_9500_supervisor_a\+:-:::::::*
84	cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:::::::*
85	cpe:2.3:h:cisco:nexus_9500_supervisor_b\+:-:::::::*
86	cpe:2.3:h:cisco:nexus_9500r:-:::::::*
87	cpe:2.3:h:cisco:nexus_9504:-:::::::*
88	cpe:2.3:h:cisco:nexus_9504_switch:-:::::::*
89	cpe:2.3:h:cisco:nexus_9508:-:::::::*
90	cpe:2.3:h:cisco:nexus_9508_switch:-:::::::*
91	cpe:2.3:h:cisco:nexus_9516:-:::::::*
92	cpe:2.3:h:cisco:nexus_9516_switch:-:::::::*
93	cpe:2.3:h:cisco:nexus_9536pq:-:::::::*
94	cpe:2.3:h:cisco:nexus_9636pq:-:::::::*
95	cpe:2.3:h:cisco:nexus_9716d-gx:-:::::::*
96	cpe:2.3:h:cisco:nexus_9736pq:-:::::::*
97	cpe:2.3:h:cisco:nexus_9800:-:::::::*
98	cpe:2.3:h:cisco:nexus_9804:-:::::::*
99	cpe:2.3:h:cisco:nexus_9808:-:::::::*