CVE-2025-9784: Allocation of Resources Without Limits or Throttling
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).
AI Analysis
Technical Summary
CVE-2025-9784 is a vulnerability in Undertow HTTP server where malformed HTTP/2 client requests can trigger server-side stream resets repeatedly without incrementing abuse counters. This behavior, dubbed the "MadeYouReset" attack, allows attackers to cause excessive server workload and potential denial of service by exploiting a lack of resource allocation limits or throttling. The issue affects Red Hat build of Apache Camel for Spring Boot 4 and Red Hat JBoss Enterprise Application Platform 8. Red Hat has published multiple security advisories and released patched versions (e.g., Apache Camel 4.14.2 and JBoss EAP 8.1.3) that fix this vulnerability. The CVSS v3.1 base score is 7.5 (high severity), reflecting network attack vector, low complexity, no privileges or user interaction required, and impact limited to availability (denial of service).
Potential Impact
Successful exploitation of this vulnerability allows an unauthenticated remote attacker to induce excessive server workload by repeatedly causing server-side HTTP/2 stream aborts, leading to denial of service (DoS) conditions. There is no impact on confidentiality or integrity. No known exploits in the wild have been reported as of the latest advisories.
Mitigation Recommendations
Red Hat has released official security updates that address CVE-2025-9784 in Red Hat build of Apache Camel 4.14.2 for Spring Boot and Red Hat JBoss Enterprise Application Platform 8.1.3. Users should apply these updates as soon as possible. Before applying the updates, ensure all previously released errata relevant to the system are applied and back up existing installations. No alternative mitigations or workarounds are specified in the vendor advisories. Patch status is confirmed as fixed by Red Hat.
CVE-2025-9784: Allocation of Resources Without Limits or Throttling
Description
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-9784 is a vulnerability in Undertow HTTP server where malformed HTTP/2 client requests can trigger server-side stream resets repeatedly without incrementing abuse counters. This behavior, dubbed the "MadeYouReset" attack, allows attackers to cause excessive server workload and potential denial of service by exploiting a lack of resource allocation limits or throttling. The issue affects Red Hat build of Apache Camel for Spring Boot 4 and Red Hat JBoss Enterprise Application Platform 8. Red Hat has published multiple security advisories and released patched versions (e.g., Apache Camel 4.14.2 and JBoss EAP 8.1.3) that fix this vulnerability. The CVSS v3.1 base score is 7.5 (high severity), reflecting network attack vector, low complexity, no privileges or user interaction required, and impact limited to availability (denial of service).
Potential Impact
Successful exploitation of this vulnerability allows an unauthenticated remote attacker to induce excessive server workload by repeatedly causing server-side HTTP/2 stream aborts, leading to denial of service (DoS) conditions. There is no impact on confidentiality or integrity. No known exploits in the wild have been reported as of the latest advisories.
Mitigation Recommendations
Red Hat has released official security updates that address CVE-2025-9784 in Red Hat build of Apache Camel 4.14.2 for Spring Boot and Red Hat JBoss Enterprise Application Platform 8.1.3. Users should apply these updates as soon as possible. Before applying the updates, ensure all previously released errata relevant to the system are applied and back up existing installations. No alternative mitigations or workarounds are specified in the vendor advisories. Patch status is confirmed as fixed by Red Hat.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- redhat
- Date Reserved
- 2025-09-01T06:33:05.239Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2025:23143","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:0383","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:0384","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:0386","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:3889","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:3891","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:3892","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:4915","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:4916","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:4917","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:4924","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2025-9784","vendor":"Red Hat"},{"url":"https://kb.cert.org/vuls/id/767506","vendor":"CERT"},{"url":"https://www.kb.cert.org/vuls/id/767506","vendor":"CERT"}]
Threat ID: 68b6f583ad5a09ad00ddfc25
Added to database: 9/2/2025, 1:47:47 PM
Last enriched: 5/9/2026, 2:00:38 AM
Last updated: 5/10/2026, 3:27:03 AM
Views: 890
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.