Lucene search

K
cve[email protected]CVE-2011-3348
HistorySep 20, 2011 - 5:55 a.m.

CVE-2011-3348

2011-09-2005:55:02
CWE-400
web.nvd.nist.gov
601
4
apache http server
mod_proxy_ajp
denial of service
cve-2011-3348
nvd

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.248 Low

EPSS

Percentile

96.7%

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary “error state” in the backend server) via a malformed HTTP request.

Affected configurations

NVD
Node
apachehttp_serverRange2.2.122.2.20
Node
redhatjboss_enterprise_web_serverMatch1.0.0
AND
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linuxMatch7.0

References

Social References

More

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.248 Low

EPSS

Percentile

96.7%