CVE-2019-14888

Summary

A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.

Affected Software

VendorProductVersion RangeStatus
Red HatundertowAll versions before 2.0.28.SP1affected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CVE Program Container

Additional References

References