Denial of Service Vulnerability in Undertow Websocket Server

Denial of Service Vulnerability in Undertow Websocket Server

CVE-2017-2670 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

Learn more about our Web App Pen Testing.