Description

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Remediation

References

CVE-2017-2670

Related Vulnerabilities

Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-1999-0777)

WordPress Plugin Top 10-Popular posts for WordPress SQL Injection (2.4.3)

WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)

WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (2.15)

LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16183)

Severity

High

Classification

CVE-2017-2670 CWE-835 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities