CVE-2021-28652

2021-05-19T15:54:31
ID RH:CVE-2021-28652
Type redhatcve
Reporter redhat.com
Modified 2021-07-22T10:19:56

Description

A flaw was found in Squid. A parser validation bug could allow a trusted client with Cache Manager API access privileges to trigger memory leaks, potentially resulting in a denial of service against Squid. The highest threat from this vulnerability is to system availability.

Mitigation

To mitigate this flaw, Cache Manager access privileges can be hardened, for example by requiring authentication or other access controls in the "http_access" directive beyond the default IP address restriction. Alternatively, Cache Manager access can be disabled entirely if not needed. To do so, place the following line in squid.conf before lines containing "allow":

http_access deny manager
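
A check for the second mitigation, as an added example that is not part of the Red Hat advisory: it reads squid.conf text and reports whether "http_access deny manager" comes before every "allow" rule. The sample configurations and function names are constructed for illustration, and files pulled in through "include" are not followed.

```python
# Constructed sample configs for illustration (not from the advisory).
DEFAULT_STYLE = """\
acl localnet src 10.0.0.0/8
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access deny all
"""

DISABLED = """\
acl localnet src 10.0.0.0/8
# Cache Manager not needed on this proxy
http_access deny manager
http_access allow localnet
http_access deny all
"""


def http_access_rules(conf_text):
    """Return (line_no, action, acl_names) for each http_access line, in file order."""
    rules = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comment lines
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "http_access" and parts[1] in ("allow", "deny"):
            rules.append((line_no, parts[1], parts[2:]))
    return rules


def manager_disabled(conf_text):
    """Return (ok, line_no): ok is True only when an unconditional
    'http_access deny manager' appears before every 'allow' rule."""
    for line_no, action, acls in http_access_rules(conf_text):
        if action == "allow":
            return False, line_no      # an allow rule is evaluated first
        if acls == ["manager"]:
            return True, line_no       # deny manager with no extra conditions
    return False, None                 # no http_access rule decides the question


if __name__ == "__main__":
    for name, conf in (("default-style", DEFAULT_STYLE), ("disabled", DISABLED)):
        print(name, manager_disabled(conf))
```

A False result with a line number points at the "allow" rule that precedes the deny; that layout corresponds to the IP-restricted access the advisory recommends hardening further.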