Tempesta · Tempesta · CVE-2024-2758
**Name of the Vulnerable Software and Affected Versions**
Tempesta (affected versions not specified)
**Description**
The issue is related to a firewall vulnerability in the implementation of the HTTP/2 protocol, specifically concerning the handling of CONTINUATION frames. This can lead to an uncontrolled consumption of resources due to incorrect detection of the end of a header. An attacker could exploit this to cause a denial of service. The rate limits in Tempesta FW are not enabled by default and may be set either too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.