

Severity
High
Analysis Summary
CVE-2023-28709
Apache Tomcat is vulnerable to a denial of service, caused by an incomplete fix for CVE-2023-24998 related to the failure to limit the number of request parts to be processed in the file upload function. By sending a specially crafted request using query string parameters, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-28709
Affected Vendors
Apache
Affected Products
- Apache Tomcat 8.5.85
- Apache Tomcat 9.0.71
- Apache Tomcat 10.1.5
- Apache Tomcat 11.0.0-M2
Remediation
Upgrade to the latest version of Apache Tomcat, available from the Apache Web site.
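Until the upgrade is in place, access logs can be reviewed for body-carrying requests with unusually many query string parameters, which is the request shape described in the Analysis Summary. The Python script below is an added example, not part of the advisory or of Apache's code; it assumes Tomcat's AccessLogValve "common" log pattern, and the threshold of 500, the function name and the sample log lines are constructed for illustration.

```python
import re

# Assumed alert threshold; tune to your application's normal traffic.
PARAM_THRESHOLD = 500

# Client, timestamp, request line (%r) and status (%s) as written by Tomcat's
# AccessLogValve "common" pattern.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})\b'
)

# Constructed sample log lines (documentation IP ranges, made-up paths).
_MANY = "&".join(f"p{i}=x" for i in range(600))
SAMPLE_LINES = [
    '192.0.2.10 - - [22/May/2023:10:00:01 +0000] "POST /app/upload?id=7 HTTP/1.1" 200 512',
    f'198.51.100.23 - - [22/May/2023:10:00:05 +0000] "POST /app/upload?{_MANY} HTTP/1.1" 200 0',
    f'192.0.2.44 - - [22/May/2023:10:00:09 +0000] "GET /app/search?{_MANY} HTTP/1.1" 200 128',
    "not an access log line",
]


def flag_suspicious(lines, threshold=PARAM_THRESHOLD):
    """Return (client, timestamp, path, param_count, status) per flagged request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        # Only requests that can carry an upload body are of interest here.
        if not m or m["method"] not in ("POST", "PUT", "PATCH"):
            continue
        path, _, query = m["target"].partition("?")
        # Count raw name[=value] pairs without decoding them.
        count = sum(1 for pair in query.split("&") if pair)
        if count >= threshold:
            hits.append((m["client"], m["ts"], path, count, int(m["status"])))
    return hits


if __name__ == "__main__":
    for client, ts, path, count, status in flag_suspicious(SAMPLE_LINES):
        print(f"{ts} {client} {path}: {count} query parameters (HTTP {status})")
```

A hit is a lead for review rather than proof of exploitation, since some applications legitimately send long query strings.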