Lucene search
HistorySep 15, 2012 - 10:37 a.m.
CVE-2012-4001
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
44.5%
The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
Affected configurations
Node
googlemod_pagespeedRange≤0.10.22.4
ORgooglemod_pagespeedMatch0.10.19.1
apachehttp_server
Related
cve
cve
CVE-2012-4001
2022-10-03 16:15:34
cvelist
cvelist
CVE-2012-4001
2022-10-03 16:15:34
prion
prion
Code injection
2012-09-15 10:37:00
openvas
openvas
FreeBSD Ports: mod_pagespeed
2012-09-15 00:00:00
FreeBSD Ports: mod_pagespeed
2012-09-15 00:00:00
nessus
nessus
freebsd
freebsd
mod_pagespeed -- multiple vulnerabilities
2012-09-12 00:00:00
seebug
seebug
Apache 'mod_pagespeed'模块跨站脚本执行和安全限制绕过漏洞
2012-09-18 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
44.5%
Related for NVD:CVE-2012-4001