HTTP/2 Vulnerability Let Hackers Launch DOS Attacks on Web Servers

Researchers identified a significant vulnerability within the HTTP/2 protocol, potentially allowing hackers to launch Denial of Service (DOS) attacks on web servers.

The vulnerability tracked as CVE-2024-28182 has raised concerns among internet security experts and prompted responses from various technology vendors.

The CERT Coordination Center (CERT/CC) disclosed the vulnerability in a vulnerability note VU#421644.

It has been assigned the Common Vulnerabilities and Exposures (CVE) identifier CVE-2024-28182. This security flaw is particularly worrisome because it affects the HTTP/2 protocol, which is widely used for secure communications on the Internet.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

Impact on Vendors and Products

This vulnerability has impacted several technology vendors. Arista Networks, a prominent player in the networking space, has confirmed that some of its products are susceptible to the identified threat.

The company has provided a detailed advisory on the affected products and their impact on its official website.

Fastly, a global cloud platform has also acknowledged the impact of vulnerability on its services.

The company’s statement, dated April 5, 2024, indicates that CVE-2023-45288 is among the affected vulnerabilities. However, Fastly has not yet received a statement from the vendor regarding several other CVEs.

The Go Programming Language is another affected entity, with its net/http and golang.org/x/net/http2 packages being vulnerable due to a lack of a limit on the number of headers for a request.

SUSE, a significant software company known for its Linux distributions, has also reported that its distributions contain affected packages.

The company has committed to shipping updated Go compilers and rebuilt Go packages once available.

The CVE-2024-28182 vulnerability allows attackers to exploit the HTTP/2 protocol by overwhelming a web server with a flood of data, leading to a DOS attack.

This attack can render the server unresponsive to legitimate traffic, effectively taking it offline and disrupting services.

Free Webinarfor DIFR/SOC Teams: Securing the Top 3 SME Cyber Attack Vectors - Register Here.

Responses and Mitigations

Since the vulnerability was discovered, affected vendors have been working on patches and updates to mitigate the risk.

Arista Networks has already provided information on the affected products and their steps to address the issue. Similarly, SUSE has announced plans to release updated compilers and packages to protect against the vulnerability.

The Importance of Timely Updates

The identification of CVE-2024-28182 underscores the importance of timely security updates and the need to monitor cybersecurity threats continuously.

Organizations using affected products are advised to follow the vendor’s guidance and apply necessary patches or updates as soon as possible to protect against potential attacks.

The discovery of the CVE-2024-28182 vulnerability in the HTTP/2 protocol reminds us of the ever-present risks in the digital landscape.

As cyber threats evolve, the collaboration between vendors, security researchers, and the broader cybersecurity community becomes increasingly crucial in identifying and mitigating such vulnerabilities.

Users and administrators are urged to stay vigilant and ensure their systems are up-to-date with the latest security measures.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

48 minutes ago

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…

2 hours ago

New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts

StealC, a notorious information stealer and malware downloader first sold in January 2023, has rolled…

3 hours ago

Subscription-Based Scams Targeting Users to Steal Credit Card Information

Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an…

4 hours ago

RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists

SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering…

9 hours ago

Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss

Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in…

9 hours ago