CVE-2025-9784

HIGH
Published Sep 2, 2025 Modified Mar 18, 2026 CWE-770 CWE-404

Description

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).

Is your site exposed to CVE-2025-9784?

Run a free security scan — no signup, results in seconds.

CVSS v3.1 Score

7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-770 CWE-770
CWE-404 CWE-404

Affected Products

Vendor Product
redhat build_of_apache_camel_for_spring_boot
redhat fuse
redhat jboss_enterprise_application_platform
redhat jboss_enterprise_application_platform
redhat jboss_enterprise_application_platform_expansion_pack
redhat process_automation
redhat single_sign-on
redhat undertow
redhat enterprise_linux
redhat enterprise_linux

References

Frequently Asked Questions

What is CVE-2025-9784? +
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS). It has a CVSS v3.1 base score of 7.5 (HIGH).
How severe is CVE-2025-9784? +
CVE-2025-9784 has a CVSS v3.1 score of 7.5 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.
What products are affected by CVE-2025-9784? +
CVE-2025-9784 affects products from redhat, specifically: build_of_apache_camel_for_spring_boot, enterprise_linux, fuse, jboss_enterprise_application_platform, jboss_enterprise_application_platform_expansion_pack, process_automation, single_sign-on, undertow. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2025-9784? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2025-9784 — free, no signup required.