Lucene search

K
redhatcveRedhat.comRH:CVE-2019-18860
HistoryMar 25, 2020 - 4:01 p.m.

CVE-2019-18860

2020-03-2516:01:25
redhat.com
access.redhat.com
13

0.003 Low

EPSS

Percentile

67.8%

A flaw was found in squid. Squid, when certain web browsers are used, mishandles HTML in the host parameter to cachemgr.cgi which could result in squid behaving in unsecure way.

Mitigation

The cachemgr.cgi script is not used by default. If you've set this up manually and are worried about this issue, remove it from your server.