Proxy accepts CONNECT requests to itself

Description

The proxy allows the users to perform repeated CONNECT requests to itself.
This may allow an attacker to perform a denial of service attack by saturating the proxy CPU, memory or file descriptors.

Remediation

Restrict proxy access to valid users and/or hosts. Deny CONNECT requests.

References
Severity
Classification
Tags
  • Configuration   Network Alert