SA-2024-097 - Apache Tomcat WebSocket DoS (CVE-202... - Extreme Networks

Summary
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.

Products Potentially Affected

OS/Product	Exposure
ExtremeAnalytics for Site Engine	No
ExtremeCloud IQ - Site Engine (XIQ-SE)	No
ExtremeControl for Site Engine	No

Repair Recommendations
None.

Please see the full security advisory article here for more details and updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN

Extreme Networks

SA-2024-097 - Apache Tomcat WebSocket DoS (CVE-2024-23672)

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)