Proxy accepts CONNECT requests to itself

Description
  • The proxy allows the users to perform repeated CONNECT requests to itself. <br/> This may allow an attacker to perform a denial of service attack by saturating the proxy CPU, memory or file descriptors.
Remediation
  • Restrict proxy access to valid users and/or hosts. Deny CONNECT requests.
References