Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-28709

Off-by-one Error

Published: May 22, 2023 | Modified: Feb 13, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-28709
CWEhttps://cwe.mitre.org/data/definitions/193.html

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.

Weakness

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Software

NameVendorStart VersionEnd Version
TomcatApache8.5.85 (including)8.5.87 (including)
TomcatApache9.0.71 (including)9.0.73 (including)
TomcatApache10.1.5 (including)10.1.7 (including)
TomcatApache11.0.0-milestone2 (including)11.0.0-milestone2 (including)
TomcatApache11.0.0-milestone3 (including)11.0.0-milestone3 (including)
TomcatApache11.0.0-milestone4 (including)11.0.0-milestone4 (including)
JWS 5.7.4 releaseRedHattomcat*
Red Hat Enterprise Linux 8RedHattomcat-1:9.0.62-27.el8_9*
Red Hat Enterprise Linux 9RedHattomcat-1:9.0.62-37.el9_3*
Red Hat JBoss Web Server 5.7 on RHEL 7RedHatjws5-tomcat-0:9.0.62-15.redhat_00013.1.el7jws*
Red Hat JBoss Web Server 5.7 on RHEL 8RedHatjws5-tomcat-0:9.0.62-15.redhat_00013.1.el8jws*
Red Hat JBoss Web Server 5.7 on RHEL 9RedHatjws5-tomcat-0:9.0.62-15.redhat_00013.1.el9jws*
Tomcat9Ubuntubionic*
Tomcat9Ubuntufocal*
Tomcat9Ubuntukinetic*
Tomcat9Ubuntulunar*
Tomcat9Ubuntumantic*
Tomcat9Ubuntuoracular*
Tomcat9Ubuntuplucky*
Tomcat9Ubuntutrusty*
Tomcat9Ubuntuxenial*

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use