CVE-2023-41378

Summary

Calico Typha and Calico Enterprise Typha versions prior to specific releases are vulnerable to a denial-of-service attack. A client TLS handshake can indefinitely block the Calico Typha server due to an unprotected blocking call in the main server loop, preventing other connections from being processed.
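To make that failure mode concrete, the following is an added Go sketch, not Typha's own code (function names and the timeout value are assumed): a TLS accept loop in the vulnerable shape, beside one that moves each handshake off the loop and bounds it with a deadline.

```go
package main

import (
	"crypto/tls"
	"net"
	"time"
)

// serveBlocking is the vulnerable shape: the handshake runs inside the accept
// loop with no deadline, so one silent client stalls every other connection.
func serveBlocking(ln net.Listener, cfg *tls.Config, handle func(net.Conn)) error {
	for {
		raw, err := ln.Accept()
		if err != nil {
			return err
		}
		tc := tls.Server(raw, cfg)
		if err := tc.Handshake(); err != nil { // may block here forever
			raw.Close()
			continue
		}
		go handle(tc)
	}
}

// serveHardened keeps the accept loop free: each handshake runs in its own
// goroutine, bounded by timeout (an assumed value here, not Typha's own).
func serveHardened(ln net.Listener, cfg *tls.Config, timeout time.Duration, handle func(net.Conn)) error {
	for {
		raw, err := ln.Accept()
		if err != nil {
			return err
		}
		go handshakeThenServe(raw, cfg, timeout, handle)
	}
}

// handshakeThenServe completes the TLS handshake under a deadline and only
// then hands the connection to handle; on timeout or failure it closes it.
func handshakeThenServe(raw net.Conn, cfg *tls.Config, timeout time.Duration, handle func(net.Conn)) error {
	tc := tls.Server(raw, cfg)
	_ = tc.SetDeadline(time.Now().Add(timeout)) // bound the handshake
	if err := tc.Handshake(); err != nil {
		raw.Close()
		return err
	}
	_ = tc.SetDeadline(time.Time{}) // handshake done: lift the deadline
	handle(tc)
	return nil
}
```

With a net.Pipe whose client side never writes a ClientHello, handshakeThenServe returns a timeout error after the deadline instead of hanging, which is the property the fix restores.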

IFF Assessment

FOE

This vulnerability allows for a denial-of-service, which can disrupt critical network services.

Severity

7.5 High

Defender Context

Defenders should prioritize patching affected versions of Calico Typha and Calico Enterprise Typha to mitigate the risk of denial-of-service attacks. Network segmentation and traffic monitoring can also help detect and limit the impact of such exploits.
