9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.6%
Vulnerability of mod_proxy module of Apache HTTP Server web server is related to failure to take measures to process CRLF sequences in HTTP headers.
CRLF sequences in HTTP headers. Exploitation of the vulnerability could allow an attacker,
acting remotely to perform HTTP response splitting attacks
Vulnerability in the mod_proxy_ajp module of Apache HTTP Server is related to a flaw in the handling of the Transfer-Encoding header.
of the Transfer-Encoding header. Exploitation of the vulnerability could allow an attacker acting remotely,
send a hidden HTTP request (HTTP Request Smuggling attack)
Vulnerability in mod_dav module of Apache HTTP Server is related to operation out of buffer boundaries.
Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.6%