Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2021-40438

🗓️ 16 Sep 2021 00:00:00Reported by AttackerKBType 
attackerkb
 attackerkb🔗 attackerkb.com👁 148 Views

A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user, affecting Apache HTTP Server 2.4.48 and earlier

Show more
Related
Refs
ReporterTitlePublishedViews
Family
Tenable Nessus		Photon OS 1.0: Httpd PHSA-2021-1.0-0437
8 Oct 202100:00
nessus
Tenable Nessus		Photon OS 3.0: Httpd PHSA-2021-3.0-0309
8 Oct 202100:00
nessus
Tenable Nessus		Photon OS 2.0: Httpd PHSA-2021-2.0-0399
8 Oct 202100:00
nessus
Tenable Nessus		Debian DSA-4982-1 : apache2 - security update
10 Oct 202100:00
nessus
Tenable Nessus		EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-1399)
18 Apr 202200:00
nessus
Tenable Nessus		openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:1438-1)
3 Nov 202100:00
nessus
Tenable Nessus		EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2915)
30 Dec 202100:00
nessus
Tenable Nessus		EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2022-1044)
11 Feb 202200:00
nessus
Tenable Nessus		EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1225)
25 Feb 202200:00
nessus
Tenable Nessus		EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1206)
25 Feb 202200:00
nessus
Rows per page
SourceLink
cvewww.cve.mitre.org/cgi-bin/cvename.cgi
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
listswww.lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E
listswww.lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E
listswww.lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E
listswww.lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
listswww.lists.debian.org/debian-lts-announce/2021/10/msg00001.html
securitywww.security.netapp.com/advisory/ntap-20211008-0004/
listswww.lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3Cbugs.httpd.apache.org%3E
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
16 Sep 2021 00:00Current
9.2High risk
Vulners AI Score9.2
CVSS26.8
CVSS39
EPSS0.96554
apache http servermod_proxyssrf attackcve-2021-40438server side request forgerycisco productsinternal networkunauthenticated attackers
148
.json
Report