Synopsis
Apache Tomcat 7.0.x < 7.0.105 Denial of Service
Description
The version of Apache Tomcat installed on the remote host is 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 or 7.0.0 to 7.0.104. It is, therefore, affected by two denial of service vulnerabilities via WebSocket frame and HTTP/2 requests.
Note that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Apache Tomcat version 7.0.105 or later.