5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.3%
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows
remote attackers to cause a denial of service (NULL pointer dereference,
process crash, and disk consumption) via a POST request with a large body
and a crafted Content-Type header.