CVE-2024-9823
Published: Oct 14, 2024
Modified: Nov 3, 2025
CVSS v3.1
5.3
Description
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally.
| Vendor | Product | Versions |
|---|---|---|
Eclipse Foundation | Jetty | affected 9.0.0 - < 9.4.54affected 10.0.0 - < 10.0.18affected 11.0.0 - < 11.0.18 |
Eclipse Jetty | Jetty | affected 12.0.0 - < 12.0.3 |
Eclipse Jetty | Jetty | affected 12.0.0 - < 12.0.3 |
Eclipse Jetty | Jetty | affected 12.0.0 - < 12.0.3 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now