CVE-2023-41378
Published: 06 November 2023
Summary
CVE-2023-41378 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Typha, the datastore fan-out component of Tigera's Calico and Calico Enterprise. Its CVSS base score is 7.5 (High).
Operationally, it ranks at the 45.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-2890
Vulnerability details
In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below) and Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 and below), a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake() call is performed inside the main server accept loop without any timeout, so an unclean TLS handshake (a client that connects and never completes the handshake, or sends a malformed one) blocks the main loop indefinitely while every other connection sits idle waiting for that handshake to finish. Because the blocking call sits on the single accept loop rather than in a per-connection goroutine, one misbehaving TCP client is enough; no authentication is required to reach the handshake.
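The following Go program is an added illustration and is not Typha's code or Calico's fix. It places the pattern described above (Handshake() on the accept loop with no deadline) beside a hardened loop that moves the handshake into a per-connection goroutine bounded by a deadline, then exercises both with a constructed test fixture: a throwaway self-signed certificate, one TCP client that connects and never sends a ClientHello, and one well-behaved TLS client. The function and constant names, the 2-second HandshakeTimeout, and the "hello" handler are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"io"
	"math/big"
	"net"
	"time"
)

const HandshakeTimeout = 2 * time.Second // assumption for this example, not a Typha setting

// serveVulnerable is the pattern described above (illustration, not Typha's code): Handshake() on the accept loop, no deadline.
func serveVulnerable(ln net.Listener, cfg *tls.Config, handle func(net.Conn)) {
	for {
		raw, err := ln.Accept()
		if err != nil {
			return // listener closed
		}
		tc := tls.Server(raw, cfg)
		if err := tc.Handshake(); err != nil { // blocks the whole loop until this peer speaks
			tc.Close()
			continue
		}
		go handle(tc)
	}
}

// serveHardened handshakes in a per-connection goroutine under a deadline: a stalled peer costs one goroutine for at most HandshakeTimeout.
func serveHardened(ln net.Listener, cfg *tls.Config, handle func(net.Conn)) {
	for {
		raw, err := ln.Accept()
		if err != nil {
			return
		}
		go func(raw net.Conn) {
			tc := tls.Server(raw, cfg)
			_ = tc.SetDeadline(time.Now().Add(HandshakeTimeout))
			if err := tc.Handshake(); err != nil { // "i/o timeout" for a silent peer
				tc.Close()
				return
			}
			_ = tc.SetDeadline(time.Time{}) // clear it; the handler sets its own I/O deadlines
			handle(tc)
		}(raw)
	}
}

// echoHello is the per-connection handler: write one line, then close.
func echoHello(c net.Conn) {
	defer c.Close()
	_, _ = c.Write([]byte("hello\n"))
}

// selfSignedConfig builds a throwaway P-256 certificate for loopback use (constructed test fixture).
func selfSignedConfig() (*tls.Config, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}}, nil
}

// healthyClientServed runs serve on a loopback listener, parks one TCP connection that never sends a
// ClientHello (the unclean handshake), then reports whether a well-behaved TLS client is served within wait.
func healthyClientServed(serve func(net.Listener, *tls.Config, func(net.Conn)), wait time.Duration) (bool, error) {
	cfg, err := selfSignedConfig()
	if err != nil {
		return false, err
	}
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return false, err
	}
	defer ln.Close()
	go serve(ln, cfg, echoHello)
	stalled, err := net.Dial("tcp", ln.Addr().String()) // connects, then says nothing
	if err != nil {
		return false, err
	}
	defer stalled.Close() // unblocks a server still stuck in Handshake() on this peer
	// Dialer.Timeout covers TCP connect plus TLS handshake; InsecureSkipVerify only because the cert is self-signed.
	good, err := tls.DialWithDialer(&net.Dialer{Timeout: wait}, "tcp", ln.Addr().String(), &tls.Config{InsecureSkipVerify: true})
	if err != nil {
		return false, nil // handshake never completed: the server's accept loop was stuck
	}
	defer good.Close()
	b, err := io.ReadAll(good) // server writes "hello\n" and closes, so this ends at EOF
	return err == nil && string(b) == "hello\n", nil
}
```

Calling healthyClientServed(serveVulnerable, time.Second) returns false: the silent client holds the accept loop, and the well-behaved client's handshake times out. With serveHardened it returns true, and the silent client's goroutine is released after HandshakeTimeout. On Go 1.17 or later, tls.Conn.HandshakeContext with a context.WithTimeout is an equivalent way to bound the handshake; the essential property is the same either way, namely that a handshake never runs on the accept loop and never runs without a deadline.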
- CWE(s): CWE-400 Uncontrolled Resource Consumption
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
From the vulnerability details above: Calico Typha v3.26.2, v3.25.1 and earlier; Calico Enterprise Typha v3.17.1, v3.16.3, v3.15.3 and earlier. Any host that can open a TCP connection to the Typha server can trigger the blocking handshake.
Mitigating Controls
Likely Mitigating Controls (AI-derived)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness type (CWE-400) cited in the NVD entry. The direct remediation is to upgrade Typha beyond the affected versions listed under Vulnerability details; until that is done, restrict which hosts can reach the Typha server port (for example with network policy), since no authentication is needed to stall the handshake.
- Contingency plans include current procedures to detect, contain, and recover from resource exhaustion, limiting how long an attacker can sustain the impact of uncontrolled consumption.
- Mean-time-to-failure monitoring plus ready substitutes mitigate sustained resource exhaustion by allowing a component to be swapped before or at failure.
- Explicit checks and handling for the exceptional condition of an audit-logging process failure.
- A defined response to detected conditions (restricting operation) ensures exceptional conditions are handled rather than ignored or mishandled.
- Contingency training equips users with defined procedures to check and respond to exceptional conditions during disruptions, reducing exploitation of mishandled errors.
- Contingency plan testing includes resource-exhaustion scenarios to verify recovery, making it harder for an attacker to sustain exploits that cause uncontrolled consumption.
- Policy defines checks and handling for exceptional conditions arising from security incidents.
- Incident-response testing ensures exceptional conditions are properly checked and handled so that response is effective.