A recent disclosure pinpointed a vulnerability in the HTTP/2 protocol (CVE-2023-44487), which under certain conditions, could lead to a denial-of-service attack targeting platforms implementing the server-side portion of the HTTP/2 specification. The vulnerability arises from the misuse of HTTP/2’s concurrent data stream initiation feature.
Upon learning about this vulnerability, our team at ThreatX conducted a comprehensive examination and confirmed that ThreatX customers are not susceptible to this particular attack. For additional information or further clarification, our Security Operations Center is available at firstname.lastname@example.org.
Read more about the vulnerability: https://www.cve.org/CVERecord?id=CVE-2023-44487.