Open source Apache Tomcat vulnerable to a publicly disclosed vulnerability
CVEID: CVE-2019-10072
**Description:**Apache Tomcat is vulnerable to a denial of service, caused by HTTP/2 connection window exhaustion on write. By failing to send WINDOW_UPDATE messages, a remote attacker could exploit this vulnerability to block threads on the server and causing a denial of service.
**CVSS Base Score:**7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/162806> for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ยท IBM QRadar 7.3 to 7.3.2 Patch 3
IBM QRadar/QRM/QVM/QRIF/QNI 7.3.2 Patch 4
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security qradar siem | eq | 7.3 |