cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-37544,https://securityvulnerability.io/vulnerability/CVE-2023-37544,Apache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS,"The Apache Pulsar WebSocket Proxy is affected by an improper authentication vulnerability that permits unauthorized access to the /pingpong endpoint. This flaw enables attackers to connect without proper credentials, leading to potential denial of service conditions due to unrestricted connection acceptance. Additionally, this vulnerability could result in excessive data transfer, exploiting the WebSocket ping/pong functionality. Users of versions 2.8.x, 2.9.x, and earlier must upgrade to the patched versions of 2.10.5, 2.11.2, or 3.0.1 to mitigate associated risks.",Apache,Apache Pulsar WebSocket Proxy,7.5,HIGH,0.002589999930933118,false,,false,false,false,,,false,false,,2023-12-20T09:15:00.000Z,0