Lucene search
GoogleOSV:CVE-2024-39573HistoryJul 01, 2024 - 7:15 p.m.
CVE-2024-39573
2024-07-0119:15:05
Google
osv.dev
7
ssrf
mod_rewrite
apache http server
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.5
Confidence
Low
Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL’s to be handled by mod_proxy.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Related
osv
osv
BIT-apache-2024-39573
2024-07-03 07:16:17
Important: httpd security update
2024-07-26 12:33:59
Important: httpd:2.4 security update
2024-07-23 00:00:00
cvelist
cvelist
CVE-2024-39573 Apache HTTP Server: mod_rewrite proxy handler substitution
2024-07-01 18:16:44
nvd
nvd
CVE-2024-39573
2024-07-01 19:15:05
vulnrichment
vulnrichment
CVE-2024-39573 Apache HTTP Server: mod_rewrite proxy handler substitution
2024-07-01 18:16:44
redhatcve
redhatcve
CVE-2024-39573
2024-07-01 19:52:48
CVE-2024-38473
2024-07-01 21:49:32
debiancve
debiancve
CVE-2024-39573
2024-07-01 19:15:05
alpinelinux
alpinelinux
CVE-2024-39573
2024-07-01 19:15:05
nessus
nessus
F5 Networks BIG-IP : Apache HTTP server vulnerability (K000140693)
2024-08-15 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:2405-1)
2024-07-12 00:00:00
RHEL 9 : httpd (RHSA-2024:5001)
2024-08-06 00:00:00
cve
cve
CVE-2024-39573
2024-07-01 19:15:05
hackerone
hackerone
f5
f5
K000140693: Apache HTTP server vulnerability CVE-2024-39573
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:5001) Moderate: httpd security update
2024-08-05 08:31:48
(RHSA-2024:4720) Important: httpd:2.4 security update
2024-07-23 08:15:17
(RHSA-2024:4726) Important: httpd security update
2024-07-23 12:57:04
ubuntucve
ubuntucve
CVE-2024-39573
2024-07-01 00:00:00
redos
redos
ROS-20240812-15
2024-08-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2436-1)
2024-08-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2624-1)
2024-07-31 00:00:00
Fedora: Security Advisory (FEDORA-2024-e7e73befad)
2024-08-06 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2024-4.0-0651
2024-07-11 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0314
2024-07-11 00:00:00
Critical Photon OS Security Update - PHSA-2024-3.0-0771
2024-07-12 00:00:00
rocky
rocky
httpd security update
2024-07-26 12:33:59
oraclelinux
oraclelinux
httpd security update
2024-07-23 00:00:00
httpd:2.4 security update
2024-07-23 00:00:00
almalinux
almalinux
Important: httpd security update
2024-07-23 00:00:00
Important: httpd:2.4 security update
2024-07-23 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: httpd-2.4.61-1.fc40
2024-07-09 01:55:52
[SECURITY] Fedora 39 Update: httpd-2.4.61-1.fc39
2024-07-19 02:21:50
ibm
ibm
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2024-07-01 00:00:00
amazon
amazon
Important: httpd
2024-07-18 02:00:00
kaspersky
kaspersky
KLA70199 Multiple vulnerabilities in Apache HTTP Server
2024-07-01 00:00:00
ubuntu
ubuntu
Apache HTTP Server regression
2024-07-11 00:00:00
Apache HTTP Server vulnerabilities
2024-07-08 00:00:00
slackware
slackware
[slackware-security] httpd
2024-07-02 19:38:48
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-07-09 10:01:06
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.5
Confidence
Low
Related for OSV:CVE-2024-39573