What is CVE-2022-23943?

CVE-2022-23943 is a Denial of Service Apache vulnerability in the mod_sed module of the Apache HTTP server. The vulnerability affects all Apache 2.4 versions up to 2.4.52 (inclusive), given the mod_sed filter is used for request or response editing.

Who is affected by CVE-2022-23943?

The vulnerability can be easily exploited by sending large amounts of data in the request’s body, if the mod_sed filter module is required to process said data, causing a Denial of Service and a short downtime for one of the HTTP server’s processes. If an attack is to be carried out by making multiple requests to the server over a long period of time, a complete Denial of Service can occur, causing all the server’s processes to shut down repeatedly.

How can you remediate CVE-2022-23943?

We recommend upgrading Apache to the latest version, which is currently 2.4.53. If it is not possible to upgrade Apache, we highly recommend applying the patch which fixes this vulnerability in the mod_sed filter module.

What mitigation options are available for CVE-2022-23943?

In case upgrading Apache to the latest version or applying the patch aren’t possible, it is required to limit the POST method’s body size so that the vulnerability can’t be triggered. In order to do so, you’ll need to use the LimitRequestBody directive in Apache’s configuration file.

cve-analysis Archives

Contextual Analysis for Python, Java, and JavaScript with JFrog Frogbot

SHARE:

Contextual Analysis for Python, Java, and JavaScript Projects with JFrog Frogbot

September 08, 2023

When scanning packages, CVE (Common Vulnerabilities and Exposures) scanners can find thousands of vulnerabilities. This leaves developers with the painstaking task of sifting through long lists of vulnerabilities to identify the relevance of each, only to find that many vulnerabilities don’t affect their artifacts at all. Vulnerability Contextual Analysis uses the artifact context to eliminate …

SHARE:

Spring WebFlux – CVE-2023-34034 – Write-Up and Proof-of-Concept

August 08, 2023

Spring Security’s newly released versions contain a fix for a broken access control vulnerability – CVE-2023-34034 – which was given a critical NVD severity (CVSS 9.8) and a high severity by Spring’s maintainers. Given the severe potential impact of the vulnerability on Spring WebFlux applications (that use Spring Security for authentication and access control), its …

OpenSSH Pre-Auth Double Free CVE-2023-25136 Writeup and PoC

SHARE:

OpenSSH Pre-Auth Double Free CVE-2023-25136 – Writeup and Proof-of-Concept

February 08, 2023

OpenSSH’s newly released version 9.2p1 contains a fix for a double-free vulnerability. Given the severe potential impact of the vulnerability on OpenSSH servers (DoS/RCE) and its high popularity in the industry, this security fix prompted the JFrog Security Research team to investigate the vulnerability. This blog post provides details on the vulnerability, who is affected, …

SHARE:

CVE-2022-3602 and CVE-2022-3786 – High-severity OpenSSL Vulnerabilities Finally Published

November 02, 2022

How did we get here? On October 25th, The OpenSSL team announced that OpenSSL 3.0.7 will contain a fix for a critical severity vulnerability that affects OpenSSL 3.x. The full details about the vulnerability were held in an embargo until November 1st. Due to the rarity of an OpenSSL critical-severity issue and the overwhelming popularity …

SHARE:

CVE-2021-38297 – Analysis of a Go Web Assembly vulnerability

August 30, 2022

The JFrog Security Research team continuously monitors reported vulnerabilities in open-source software (OSS) to help our customers and the wider community be aware of potential software supply chain security threats and their impact. In doing so, we often notice important trends and key learnings worth highlighting. The following analysis of a vulnerability discovered in the …

SHARE:

CVE-2022-25845 – Analyzing the Fastjson “Auto Type Bypass” RCE vulnerability

June 14, 2022

A few weeks ago, a new version for Fastjson was released (1.2.83) which contains a fix for a security vulnerability that allegedly allows an attacker to execute code on a remote machine. According to several publications, this vulnerability allows an attacker to bypass the “AutoTypeCheck” mechanism in Fastjson and achieve remote code execution. This Fastjson …

JNDI - Unauthenticated RCE in H2 Database Console

SHARE:

CVE-2022-21449 “Psychic Signatures”: Analyzing the New Java Crypto Vulnerability

April 21, 2022

A few days ago, security researcher Neil Madden published a blog post, in which he provided details about a newly disclosed vulnerability in Java, CVE-2022-21449 or “Psychic Signatures”. This security vulnerability originates in an improper implementation of the ECDSA signature verification algorithm, introduced in Java 15. This vulnerability allows an attacker to potentially intercept communication …

SHARE:

CVE-2022-24675 – Stack overflow (exhaustion) in Go’s PEM decoder

April 18, 2022

A few days ago it was reported that the new Go versions 1.18.1 and 1.17.9 contain fixes for a stack overflow vulnerability in the encoding/pem builtin package, in the Decode function. Given the high popularity of Go among our customers and in the industry at large, this update led us to investigate the vulnerability in …

SHARE:

SpringShell (Spring4Shell) Zero-Day Vulnerability CVE-2022-22965 : All You Need To Know

March 31, 2022

On March 29th, the cyberkendra security blog posted a sensational post about a Log4Shell-equivalent remote code execution (RCE) zero-day vulnerability in Spring Framework, but without any solid details about the vulnerability itself. The security vulnerability was nicknamed “SpringShell” (or “Spring4Shell”) , due to its alleged significance likening the infamous “Log4Shell.” A day later, on March …

Apache RCE and DoS vulnerabilities 863x300

SHARE:

Diving into CVE-2022-23943 – a new Apache memory corruption vulnerability

March 17, 2022

A few days ago it was reported that the new Apache version 2.4.53 contains fixes for several bugs which exposed the users of the well known HTTP server to attacks: CVE-2022-22719 relates to a bug in the mod_lua modules which may lead to Denial of Service after reading from a random memory Area, CVE-2022-22720 exposes …

Contextual Analysis for Python, Java, and JavaScript Projects with JFrog Frogbot

Spring WebFlux – CVE-2023-34034 – Write-Up and Proof-of-Concept

OpenSSH Pre-Auth Double Free CVE-2023-25136 – Writeup and Proof-of-Concept

CVE-2022-3602 and CVE-2022-3786 – High-severity OpenSSL Vulnerabilities Finally Published

CVE-2021-38297 – Analysis of a Go Web Assembly vulnerability

CVE-2022-25845 – Analyzing the Fastjson “Auto Type Bypass” RCE vulnerability

CVE-2022-21449 “Psychic Signatures”: Analyzing the New Java Crypto Vulnerability

CVE-2022-24675 – Stack overflow (exhaustion) in Go’s PEM decoder

SpringShell (Spring4Shell) Zero-Day Vulnerability CVE-2022-22965 : All You Need To Know

Diving into CVE-2022-23943 – a new Apache memory corruption vulnerability

Popular Tags