virus logo Intrusion Prevention

Apache.Tomcat.WebSocket.Infinite.Loop.DoS

description-logoDescription

This indicates an attack attempt to exploit a Denial of Service Vulnerability in Apache Software Foundation Tomcat.
The vulnerability is due to improper validation of extended payload lengths. A remote, unauthenticated attacker can exploit this vulnerability by sending multiple crafted WebSocket requests to the vulnerable server. Successful exploitation results in each worker thread entering an infinite loop, eventually leading to denial of service conditions.

affected-products-logoAffected Products

Apache Software Foundation Tomcat 7.0.27 to 7.0.104
Apache Software Foundation Tomcat 8.5.0 to 8.5.56
Apache Software Foundation Tomcat 9.0.0.M1 to 9.0.36

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2020-11-16 16.962
Modified
 Sig Added
2020-08-31 15.914
Modified
 Default_action:pass:drop
2020-08-18 15.907
New
ID 49416
Created Aug 10, 2020
Updated Nov 13, 2020
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 91.75%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Apache
Profile Type DoS