Описание
HTTP V3 Denial of Service Vulnerability
Меры по смягчению последствий
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation:
A prerequisite for a server to be vulnerable is that the binding has HTTP/3 enabled and the server uses buffered I/O. HTTP/3 support for services is a new feature of Windows Server 2022. Currently, enabling HTTP/3 is done via a registry key as discussed in this article: Enabling HTTP/3 support on Windows Server 2022
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) | ||
| Windows 11 version 21H2 for x64-based Systems | ||
| Windows 11 version 21H2 for ARM64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
7.5 High
CVSS3
Связанные уязвимости
Уязвимость реализации сетевого протокола HTTP/3 операционных систем Microsoft Windows, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3