Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2021-40438

Published: August 31, 2023Last modified: August 31, 2023

Description

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Severity score breakdown

ParameterValue
Base score9
Attack VectorNETWORK
Attack complexityHIGH
Privileges requiredNONE
User interactionNONE
ScopeCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactHIGH
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSapache2Not affected (2.4.57-r0)
Streamapache2Not affected (2.4.57-r3)

References

ON THIS PAGE