2 matches found
CVE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
CVE-2024-38472
CVE-2024-38472 : Apache HTTP Server on Windows is vulnerable to server-side request forgery (SSRF) that could leak NTLM hashes to a malicious server via crafted requests, due to improper validation of Windows UNC/UNC paths. The issue is addressed by upgrading to Apache HTTP Server 2.4.60 (as note...