A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat single sign-on 7.0 |
||
redhat openshift application runtimes - |
||
redhat undertow 2.3.0 |
||
redhat undertow 2.2.19 |
||
redhat undertow 2.2.17 |
||
redhat undertow |
||
netapp oncommand workflow automation - |
||
netapp oncommand insight - |
||
netapp active iq unified manager - |
||
netapp cloud secure agent - |