Lucene search

CVE-2021-44224

🗓️ 20 Dec 2021 12:07:15Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 25 Media mentions👁 2308 Views

CVE-2021-44224 crafted URI can cause crash or SSRF in Apache HTTP Server

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 149
NVD	CVE-2021-44224	20 Dec 202112:15	–	nvd
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-44224)	17 Jan 202218:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server (powered by Apache) for i is vulnerable to CVE-2021-44224	28 Feb 202223:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-44790, CVE-2021-44224)	16 Mar 202208:32	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)	1 Apr 202210:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server	4 Mar 202219:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-33193 and CVE-2021-44224) affects Power HMC	4 Dec 202200:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server	12 Jan 202219:17	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2021-44790, CVE-2021-44224)	1 Apr 202212:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities	2 Jun 202202:42	–	ibm

Nvd

Vulners

Node

apache http_serverRange2.4.7–2.4.52

Node

fedoraproject fedoraMatch34

fedoraproject fedoraMatch35

fedoraproject fedoraMatch36

Node

debian debian_linuxMatch10.0

debian debian_linuxMatch11.0

Node

tenable tenable.scRange5.14.0–5.20.0

Node

tenable tenable.scRange5.16.0–202201.1

Node

oracle communications_element_managerRange<9.0

oracle communications_operations_monitorMatch4.0

oracle communications_operations_monitorMatch4.3

oracle communications_operations_monitorMatch4.4

oracle communications_operations_monitorMatch5.0

oracle communications_session_report_managerRange<9.0

oracle communications_session_route_managerRange<9.0

oracle http_serverMatch-

oracle http_serverMatch12.2.1.3.0

oracle http_serverMatch12.2.1.4.0

oracle instantis_enterprisetrackMatch17.1

oracle instantis_enterprisetrackMatch17.2

oracle instantis_enterprisetrackMatch17.3

Node

apple mac_os_xMatch10.15.7

apple mac_os_xMatch10.15.7security_update_2020-001

apple mac_os_xMatch10.15.7security_update_2021-001

apple mac_os_xMatch10.15.7security_update_2021-002

apple mac_os_xMatch10.15.7security_update_2021-003

apple mac_os_xMatch10.15.7security_update_2021-004

apple mac_os_xMatch10.15.7security_update_2021-005

apple mac_os_xMatch10.15.7security_update_2021-006

apple mac_os_xMatch10.15.7security_update_2021-007

apple mac_os_xMatch10.15.7security_update_2021-008

apple mac_os_xMatch10.15.7security_update_2022-001

apple mac_os_xMatch10.15.7security_update_2022-002

apple mac_os_xMatch10.15.7security_update_2022-003

apple macosRange<10.15.7

apple macosRange11.0–11.6.6

apple macosRange12.0.0–12.4

[
  {
    "product": "Apache HTTP Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "Apache HTTP Server 2.4*",
        "status": "affected",
        "version": "2.4.7",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2022/dsa-5035
seclists	www.seclists.org/fulldisclosure/2022/May/35
tenable	www.tenable.com/security/tns-2022-03
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
oracle	www.oracle.com/security-alerts/cpuapr2022.html
security	www.security.gentoo.org/glsa/202208-20
oracle	www.oracle.com/security-alerts/cpujan2022.html
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
support	www.support.apple.com/kb/HT213256
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Dec 2021 12:15Current

8.7High risk

Vulners AI Score8.7

CVSS26.4

CVSS38.2

EPSS0.11044

CWE-476