First published: Thu Nov 02 2023(Updated: )
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.<br>Data Grid 7.3.11 replaces Data Grid 7.3.10 and includes bug fixes and enhancements. Find out more about Data Grid 7.3.11 in the Release Notes [3].<br>Security Fix(es):<br><li> netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)</li> <li> undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)</li> A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.<br>For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
Red Hat JBoss Data Grid |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2023:6286 is categorized as important.
To fix RHSA-2023:6286, upgrade to Red Hat Data Grid 7.3.11.
RHSA-2023:6286 addresses security vulnerabilities present in previous versions of Red Hat Data Grid.
No, RHSA-2023:6286 specifically pertains to Red Hat Data Grid version 7.3.10 and earlier.
All users and administrators of affected Red Hat Data Grid versions should apply the updates to ensure security.