CVE & CISA-KEV Catalog

CVE-2023-4785

HIGH 7.5 (CVSS v3, NVD)

Description

Lack of error handling in the TCP server in Google's gRPC, starting with version 1.23, on POSIX-compatible platforms (e.g. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.

How to fix

Remediation Available
Package | Distribution | Fixed in | Advisory
candlepin | Rocky | 0:4.3.11-1.el8sat | RHSA-2024:0797
candlepin | Red Hat / RHEL | 0:4.3.11-1.el8sat | RHSA-2024:0797
candlepin-selinux | Rocky | 0:4.3.11-1.el8sat | RHSA-2024:0797
candlepin-selinux | Red Hat / RHEL | 0:4.3.11-1.el8sat | RHSA-2024:0797
foreman | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-cli | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-cli | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-debug | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-debug | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-dynflow-sidekiq | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-dynflow-sidekiq | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-ec2 | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-ec2 | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-installer | Red Hat / RHEL | 1:3.7.0.7-1.el8sat | RHSA-2024:0797
foreman-installer | Rocky | 1:3.7.0.7-1.el8sat | RHSA-2024:0797
foreman-installer-katello | Rocky | 1:3.7.0.7-1.el8sat | RHSA-2024:0797
foreman-installer-katello | Red Hat / RHEL | 1:3.7.0.7-1.el8sat | RHSA-2024:0797
foreman-journald | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-journald | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-libvirt | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-libvirt | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-openstack | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-openstack | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-ovirt | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-ovirt | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-postgresql | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-postgresql | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-redis | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-redis | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-service | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-service | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-telemetry | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-telemetry | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-vmware | Red Hat / RHEL | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
foreman-vmware | Rocky | 0:3.7.0.11-2.el8sat | RHSA-2024:0797
mosquitto | Rocky | 0:2.0.17-1.el8sat | RHSA-2024:0797
mosquitto | Red Hat / RHEL | 0:2.0.17-1.el8sat | RHSA-2024:0797
mosquitto-debuginfo | Rocky | 0:2.0.17-1.el8sat | RHSA-2024:0797
mosquitto-debuginfo | Red Hat / RHEL | 0:2.0.17-1.el8sat | RHSA-2024:0797
mosquitto-debugsource | Red Hat / RHEL | 0:2.0.17-1.el8sat | RHSA-2024:0797
mosquitto-debugsource | Rocky | 0:2.0.17-1.el8sat | RHSA-2024:0797
puppet-agent | Rocky | 0:7.27.0-1.el8sat | RHSA-2024:0797
puppet-agent | Red Hat / RHEL | 0:7.27.0-1.el8sat | RHSA-2024:0797
puppetserver | Red Hat / RHEL | 0:7.14.0-1.el8sat | RHSA-2024:0797
puppetserver | Rocky | 0:7.14.0-1.el8sat | RHSA-2024:0797
python-pulp-container | Rocky | 0:2.14.11-1.el8pc | RHSA-2024:0797
python-pulp-container | Red Hat / RHEL | 0:2.14.11-1.el8pc | RHSA-2024:0797
python39-pulp-container | Red Hat / RHEL | 0:2.14.11-1.el8pc | RHSA-2024:0797
python39-pulp-container | Rocky | 0:2.14.11-1.el8pc | RHSA-2024:0797
rubygem-foreman_bootdisk | Red Hat / RHEL | 0:21.2.1-1.el8sat | RHSA-2024:0797
rubygem-foreman_bootdisk | Rocky | 0:21.2.1-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf | Rocky | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf | Red Hat / RHEL | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf-debuginfo | Rocky | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf-debuginfo | Red Hat / RHEL | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf-debugsource | Red Hat / RHEL | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-google-protobuf-debugsource | Rocky | 0:3.24.3-1.el8sat | RHSA-2024:0797
rubygem-grpc | Red Hat / RHEL | 0:1.58.0-1.el8sat | RHSA-2024:0797
rubygem-grpc | Rocky | 0:1.58.0-1.el8sat | RHSA-2024:0797
rubygem-kafo | Red Hat / RHEL | 0:7.2.0-1.el8sat | RHSA-2024:0797
rubygem-kafo | Rocky | 0:7.2.0-1.el8sat | RHSA-2024:0797
rubygem-katello | Rocky | 0:4.9.0.21-1.el8sat | RHSA-2024:0797
rubygem-katello | Red Hat / RHEL | 0:4.9.0.21-1.el8sat | RHSA-2024:0797
rubygem-puma | Rocky | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-puma | Red Hat / RHEL | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-puma-debuginfo | Red Hat / RHEL | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-puma-debuginfo | Rocky | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-puma-debugsource | Rocky | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-puma-debugsource | Red Hat / RHEL | 0:6.3.1-1.el8sat | RHSA-2024:0797
rubygem-sidekiq | Red Hat / RHEL | 0:6.5.12-1.el8sat | RHSA-2024:0797
rubygem-sidekiq | Rocky | 0:6.5.12-1.el8sat | RHSA-2024:0797
satellite | Red Hat / RHEL | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite | Rocky | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-capsule | Rocky | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-capsule | Red Hat / RHEL | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-cli | Red Hat / RHEL | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-cli | Rocky | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-common | Red Hat / RHEL | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-common | Rocky | 0:6.14.2-1.el8sat | RHSA-2024:0797
satellite-convert2rhel-toolkit | Rocky | 0:1.0.1-1.el8sat | RHSA-2024:0797
satellite-convert2rhel-toolkit | Red Hat / RHEL | 0:1.0.1-1.el8sat | RHSA-2024:0797

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Impact

Confidentiality: None
Integrity: None
Availability: High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.67% probability of exploitation in 30 days
47th percentile

Moderate risk: more likely to be exploited than 47% of all known CVEs.


This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-01-12.