4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.5%
Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.
CPE | Name | Operator | Version |
---|---|---|---|
apache httpd | eq | 2.4.10 | |
apache httpd | eq | 2.4.9 | |
apache httpd | eq | 2.4.7 | |
apache httpd | eq | 2.4.6 | |
apache httpd | eq | 2.4.4 | |
apache httpd | eq | 2.4.3 | |
apache httpd | eq | 2.4.2 | |
apache httpd | eq | 2.4.1 |