CVE-2023-34061: – Gorouter route pruning
Published Jan 12, 2024
·Updated
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.
Affected Software
2 affected components
Pivotal Cloud Foundry Deployment>=0.28.0<=33.5.0
Pivotal Cloud Foundry Routing Release>=0.163.0<=0.283.0
Event History
Jan 12, 2024
CVE Published
via MITRE·07:01 AM
Data Sourced
via MITRE·07:01 AM
DescriptionSeverity
Data Sourced
via NVD·07:15 AM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2023-34061?
CVE-2023-34061 is classified as a denial of service (DoS) vulnerability.
2
How do I fix CVE-2023-34061?
To mitigate CVE-2023-34061, upgrade affected Cloud Foundry routing release versions to versions beyond v0.283.0.
3
What versions of Cloud Foundry are affected by CVE-2023-34061?
CVE-2023-34061 affects Cloud Foundry routing release versions from v0.163.0 to v0.283.0.
4
Can an authenticated user exploit CVE-2023-34061?
No, CVE-2023-34061 can be exploited by unauthenticated attackers.
5
What impact does CVE-2023-34061 have on Cloud Foundry deployments?
CVE-2023-34061 can lead to degraded service availability due to forced route pruning.