CVE-2025-9784
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2026-03-18

Assigner: Red Hat, Inc.

Description
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2026-03-18
Generated
2026-06-16
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-15
NVD
CVE-2025-9784
Affected Vendors & Products
Showing 10 associated CPEs
Vendor Product Version / Range
redhat build_of_apache_camel_for_spring_boot *
redhat fuse 7.0.0
redhat jboss_enterprise_application_platform 7.0.0
redhat jboss_enterprise_application_platform 8.0.0
redhat jboss_enterprise_application_platform_expansion_pack *
redhat process_automation 7.0
redhat single_sign-on 7.0
redhat undertow *
redhat enterprise_linux 8.0
redhat enterprise_linux 9.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9784 is a high-severity vulnerability in Undertow related to HTTP/2, known as the "MadeYouReset" attack. It involves malformed client requests that cause the server to reset streams repeatedly without triggering abuse counters. This design flaw allows attackers to exploit HTTP/2 control frames to induce excessive server workload by causing server-side stream aborts, leading to a denial of service (DoS). [1]

Impact Analysis

This vulnerability can impact you by causing a denial of service (DoS) on servers running vulnerable versions of Undertow. Attackers can exploit the flaw to repeatedly reset server streams, overwhelming the server and disrupting service availability, potentially making your services unresponsive or unavailable. [1]

Detection Guidance

Detection of this vulnerability involves monitoring for abnormal HTTP/2 server-side stream resets and excessive server workload caused by malformed client requests exploiting HTTP/2 control frames. Specific commands are not provided in the available resources, but network monitoring tools that analyze HTTP/2 traffic for unusual stream resets or connection aborts may help identify exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include monitoring and limiting HTTP/2 control frame usage to prevent abuse, applying any available patches or updates once released, and implementing rate limiting or connection throttling to reduce the impact of repeated server-side stream resets. Since no fix is currently released, defensive measures such as network-level filtering or disabling HTTP/2 temporarily may be considered. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9784. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart