The version of Apache Tomcat installed on the remote host is version 7.x prior to 7.0.91. It is, therefore, affected by a vulnerability that could allow a remote attacker to bypass security restrictions, caused by a missing host name verification when using TLS with the WebSocket client. An attacker could exploit this vulnerability to bypass security constraints to access restricted resources.
Binary data 700681.pasl