CVE-2021-40438

🗓️ 16 Sep 2021 14:40:23Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 10 Media mentions👁 4682 Views

A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier

Reporter	Title	Published	Views	Family All 259
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-39275, CVE-2021-40438, CVE-2021-34798)	8 Nov 202104:06	–	ibm
IBM Security Bulletins	Security Bulletin: Apache HTTP Server as used in IBM QRadar SIEM is vulnerable to server-side request forgery (SSRF) (CVE-2021-40438)	20 Dec 202121:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-40438)	17 Jan 202218:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities (CVE-2021-40438, CVE-2021-34798)	15 Apr 202204:37	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-40438, CVE-2021-34798)	18 Oct 202106:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server	11 Nov 202119:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with WebSphere Remote Server (CVE-2021-40438, CVE-2021-34798)	17 Dec 202116:40	–	ibm
IBM Security Bulletins	WebSphere Application Server and IBM HTTP Server Security Bulletin List	13 Jul 202218:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)	2 Feb 202317:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM HTTP Server (powered by Apache) for i	6 Dec 202117:06	–	ibm

NVD

Vulners

Node

resf rocky_linuxMatch8.0

Node

redhat jboss_core_servicesMatch1.0

AND

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

Node

redhat software_collectionsMatch1.0

AND

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_workstationMatch7.0

Node

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_eusMatch8.2

redhat enterprise_linux_eusMatch8.4

redhat enterprise_linux_eusMatch8.6

redhat enterprise_linux_eusMatch8.8

redhat enterprise_linux_for_arm_64Match8.0

redhat enterprise_linux_for_arm_64_eusMatch8.6

redhat enterprise_linux_for_arm_64_eusMatch8.8

redhat enterprise_linux_for_ibm_z_systemsMatch7.0_s390x

redhat enterprise_linux_for_ibm_z_systemsMatch8.0

redhat enterprise_linux_for_ibm_z_systems_eusMatch8.1

redhat enterprise_linux_for_ibm_z_systems_eusMatch8.4

redhat enterprise_linux_for_ibm_z_systems_eusMatch8.8

redhat enterprise_linux_for_ibm_z_systems_eus_s390xMatch8.2

redhat enterprise_linux_for_power_big_endianMatch7.0

redhat enterprise_linux_for_power_little_endianMatch7.0

redhat enterprise_linux_for_power_little_endianMatch8.0

redhat enterprise_linux_for_power_little_endian_eusMatch8.1

redhat enterprise_linux_for_power_little_endian_eusMatch8.2

redhat enterprise_linux_for_power_little_endian_eusMatch8.4

redhat enterprise_linux_for_power_little_endian_eusMatch8.6

redhat enterprise_linux_for_power_little_endian_eusMatch8.8

redhat enterprise_linux_for_scientific_computingMatch7.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.2

redhat enterprise_linux_server_ausMatch7.3

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_server_ausMatch8.2

redhat enterprise_linux_server_ausMatch8.4

redhat enterprise_linux_server_ausMatch8.6

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch7.6

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch7.7

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.1

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.2

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.4

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.6

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.8

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_server_tusMatch7.7

redhat enterprise_linux_server_tusMatch8.2

redhat enterprise_linux_server_tusMatch8.4

redhat enterprise_linux_server_tusMatch8.6

redhat enterprise_linux_server_tusMatch8.8

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.6

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.7

redhat enterprise_linux_update_services_for_sap_solutionsMatch8.1

redhat enterprise_linux_update_services_for_sap_solutionsMatch8.2

redhat enterprise_linux_update_services_for_sap_solutionsMatch8.4

redhat enterprise_linux_update_services_for_sap_solutionsMatch8.6

redhat enterprise_linux_update_services_for_sap_solutionsMatch8.8

redhat enterprise_linux_workstationMatch7.0

Node

apache http_serverRange≤2.4.48

Node

fedoraproject fedoraMatch34

fedoraproject fedoraMatch35

Node

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

debian debian_linuxMatch11.0

Node

netapp cloud_backupMatch-

netapp clustered_data_ontapMatch-

netapp storagegridMatch-

broadcom brocade_fabric_operating_system_firmwareMatch-

Node

f5 f5osRange1.1.0–1.1.4

f5 f5osRange1.2.0–1.2.1

Node

oracle enterprise_manager_ops_centerMatch12.4.0.0

oracle http_serverMatch12.2.1.3.0

oracle http_serverMatch12.2.1.4.0

oracle instantis_enterprisetrackMatch17.1

oracle instantis_enterprisetrackMatch17.2

oracle instantis_enterprisetrackMatch17.3

oracle secure_global_desktopMatch5.6

oracle zfs_storage_appliance_kitMatch8.8

Node

siemens ruggedcom_nms

siemens sinec_nmsRange<1.0.3

siemens sinema_remote_connect_serverRange<3.1

siemens sinema_remote_connect_serverMatch3.2

siemens sinema_serverMatch14.0-

Node

tenable tenable.scRange≤5.19.1

[
  {
    "product": "Apache HTTP Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "2.4.48",
        "status": "affected",
        "version": "Apache HTTP Server 2.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E
lists	www.lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
lists	www.lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E
lists	www.lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
tenable	www.tenable.com/security/tns-2021-17
security	www.security.netapp.com/advisory/ntap-20211008-0004/
lists	www.lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E
oracle	www.oracle.com/security-alerts/cpujan2022.html

27 Oct 2025 17:37Current

9.5High risk

Vulners AI Score9.5

CVSS 26.8

CVSS 3.19

EPSS0.94432

SSVC