Home/CVE/HTTP/2 Rapid Reset Attack Vulnerability
CVE

CVE-2023-44487

HTTP/2 Rapid Reset Attack Vulnerability

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

HIGH · CVSS 7.5 ⚠ CISA KEV EPSS 0.944
Act now
  • Listed on CISA KEV (known exploited in the wild)
  • SSVC exploitation status: active
  • EPSS ≥ 0.50 - high probability of exploitation in the next 30 days
  • EPSS percentile: top 0% of all CVEs by exploitation likelihood
  • Public exploit or PoC is available
  • SSVC automatable: yes - attacks can be scripted at scale
  • CVSS base score ≥ 7.0
Sigma rules1 YARA rules0

Required Remediation

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weakness Classification

CWE-400Uncontrolled Resource Consumption

Affected Products & Versions

53
siemens simatic s7-1500 cpu 1518f-4 pn\/dp mfp firmware>= 3.1.5
siemens sinec ins< 1.0
siemens sinec insall versions
siemens sinec nms< 3.0
siemens st7 scadaconnect< 1.1
siemens ruggedcom ape1808 firmwareall versions
siemens simatic s7-1500 cpu 1518-4 pn\/dp mfp firmware>= 3.1.5
siemens siplus s7-1500 cpu 1518-4 pn\/dp mfp firmware>= 3.1.5

Affected Packages

16
Language-ecosystem packages (from OSV) tied to this CVE, with the version that fixes it - the dependency-level detail NVD doesn’t carry.
Go github.com/nghttp2/nghttp2 HIGH fixed in 1.57.0
Go golang.org/x/net fixed in 0.17.0
Go google.golang.org/grpc fixed in 1.56.3, 1.57.1, 1.58.3
Go stdlib fixed in 1.20.10, 1.21.3
Maven com.typesafe.akka:akka-http-core MEDIUM fixed in 10.5.3
Maven com.typesafe.akka:akka-http-core_2.11 MEDIUM
Maven com.typesafe.akka:akka-http-core_2.12 MEDIUM fixed in 10.5.3
Maven com.typesafe.akka:akka-http-core_2.13 MEDIUM fixed in 10.5.3
Maven io.netty:netty-codec-http2 HIGH fixed in 4.1.100.Final
Maven org.apache.tomcat.embed:tomcat-embed-core MEDIUM fixed in 11.0.0-M12
Maven org.apache.tomcat:tomcat-coyote MEDIUM fixed in 11.0.0-M12
Maven org.eclipse.jetty.http2:http2-common MEDIUM fixed in 9.4.53
Maven org.eclipse.jetty.http2:http2-server MEDIUM fixed in 9.4.53
Maven org.eclipse.jetty.http2:jetty-http2-common MEDIUM fixed in 12.0.2
Maven org.eclipse.jetty.http2:jetty-http2-server MEDIUM fixed in 12.0.2
SwiftURL github.com/apple/swift-nio-http2 MEDIUM fixed in 1.28.0

Public Exploits & PoCs

2
remoteHTTP/2 2.0 - Denial Of Service (DOS)2025-09-16
pocgithub.com · http2-rst-streamgithub.com

Sigma Hunt Rules

1
Exact rules name this CVE ID. Product rules name an affected product in their title. Related rules cover techniques used by actors who exploited this CVE. Showing the most relevant matches; the complete related set is on the full drill-down.
productmediumTomcat WebServer Logs Deleted

Scoring & Timeline

7.5
HIGH · CVSS v3.1 · cve@mitre.org
View on NVD
Attack Vector
Network Adjacent Local Physical
Attack Complexity
Low High
Privileges Required
None Low High
User Interaction
None Required
Scope
Unchanged Changed
Confidentiality
None Low High
Integrity
None Low High
Availability
None Low High
Published to NVD10 Oct 2023 · 02:15 PM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SSVC triage · cisa-vulnrichment
Exploitation
active
Automatable
yes
Technical impact
partial
SSVC asks the questions that actually drive patch urgency: is it being exploited, can attacks be automated, and how total is the impact.

Vendor Advisories

30
suse-csafopenSUSE-SU-2026:10751-1
rhsaRHSA-2026:8322Critical
suse-csafSUSE-SU-2026:1058-1
rhsaRHSA-2026:0722Important
rhsaRHSA-2025:23528Important
🔗

References & Sources

79
Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.
http://www.openwall.com/lists/oss-security/2023/10/10/6Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/10/7Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/13/9Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/10/18/8Mailing ListThird Party Advisory
Intelligence Graph · click any node to traverse
CVETechnique ActorTool Family
drag to reposition · click any node to traverse · button top-right enlarges
External lookups - second-class, for what we don’t hold ourselves
NVDCVE.orgCISAVulnersExploit-DBGitHub PoCVulnCheck KEVGreyNoise
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin