RLSA-2025:9434 Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

RHEL 9 : mod_proxy_cluster (RHSA-2025:9434)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9434 advisory. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster:...

Moderate: Red Hat Security Advisory: mod_proxy_cluster security update

An update for modproxycluster is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

ALSA-2025:9434 Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

CVE-2024-10306

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306 Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306 Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306

CVE-2024-10306 affects the mod_proxy_cluster module (Apache HTTP Server). The issue arises because the Directory directive does not enforce access restrictions as strongly as the Location directive, enabling unauthorized MCMP requests that could add/remove/update balancer nodes. Public exploit de...

PT-2025-17610 · Unknown +2 · Mod Proxy Cluster +2

Name of the Vulnerable Software and Affected Versions: mod proxy cluster affected versions not specified Description: A vulnerability was found in mod proxy cluster, where the directive does not restrict IP/host access as Require ip IP ADDRESS would suggest, allowing anyone with access to the hos...