Red Hat Product Security has come to the conclusion that this CVE is not needed.

Metrics

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Openshift Data Foundation

No data.

Package CPE Advisory Released Date
RHODF-4.16-RHEL-9
odf4/odf-rhel9-operator:v4.16.2-2 cpe:/a:redhat:openshift_data_foundation:4.16::el9 RHSA-2024:6755 2024-09-18T00:00:00Z

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://nvd.nist.gov/vuln/detail/CVE-2024-8421 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-8421 cve-icon
History

Wed, 30 Oct 2024 22:30:00 +0000

Type Values Removed Values Added
References

Wed, 30 Oct 2024 21:45:00 +0000

Type Values Removed Values Added
Description This CVE has been rejected. Red Hat Product Security has come to the conclusion that this CVE is not needed.
Title Golang.org/x/net/http2: multiple http/2 enabled web servers (rapid reset attack) golang.org/x/net/http2: Multiple HTTP/2 enabled web servers (Rapid Reset Attack)

Tue, 01 Oct 2024 06:00:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. This CVE has been rejected.
Title golang.org/x/net/http2: Multiple HTTP/2 enabled web servers (Rapid Reset Attack) Golang.org/x/net/http2: multiple http/2 enabled web servers (rapid reset attack)
References

Wed, 18 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat openshift Data Foundation
CPEs cpe:/a:redhat:openshift_data_foundation:4.16::el9
Vendors & Products Redhat
Redhat openshift Data Foundation

Fri, 13 Sep 2024 02:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Important

 cvssV3_1

{'score': 0.0, 'vector': 'CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N'}

threat_severity

Low

Thu, 12 Sep 2024 02:15:00 +0000

Type Values Removed Values Added
References

Fri, 06 Sep 2024 13:45:00 +0000

Type Values Removed Values Added
Title golang.org/x/net: Multiple HTTP/2 enabled web servers (Rapid Reset Attack) golang.org/x/net/http2: Multiple HTTP/2 enabled web servers (Rapid Reset Attack)
References

Wed, 04 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title golang.org/x/net: Multiple HTTP/2 enabled web servers (Rapid Reset Attack)
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Important
cve-icon MITRE

Status: REJECTED

Assigner: redhat

Published:

Updated: 2024-10-30T21:32:31.426Z

Reserved: 2024-09-04T13:56:20.007Z

Link: CVE-2024-8421

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Rejected

Published: 2024-10-01T06:15:02.357

Modified: 2024-10-30T22:15:03.503

Link: CVE-2024-8421

cve-icon Redhat

Severity : Low

Publid Date: 2024-09-04T12:00:00Z

Links: CVE-2024-8421 - Bugzilla

cve-icon OpenCVE Enrichment

No data.