icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache Tomcat 7.0.x < 7.0.23 Hash Collision Denial of Service

Medium

Synopsis

The remote web server is affected by a denial of service vulnerability.

Description

Versions of Tomcat 7.0.x earlier than 7.0.23 are potentially affected by a denial of service vulnerability. Large numbers of crafted form parameters can cause excessive CPU consumption due to hash collisions.

Solution

Upgrade to Apache Tomcat 7.0.23 or later.