Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-40898

Опубликовано: 18 июл. 2024
Источник: nvd
CVSS3: 7.5
CVSS3: 9.1
EPSS Низкий

Описание

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.

Users are recommended to upgrade to version 2.4.62 which fixes this issue. 

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Версия до 2.4.62 (исключая)
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00084
Низкий

7.5 High

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-918

Связанные уязвимости

ubuntu логотип

CVE-2024-40898

CVSS3: 7.5
ubuntu
11 месяцев назад

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue.

redhat логотип

CVE-2024-40898

CVSS3: 7.5
redhat
11 месяцев назад

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. 

msrc логотип

CVE-2024-40898

CVSS3: 7.5
msrc
11 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-40898

CVSS3: 7.5
debian
11 месяцев назад

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost ...

github логотип

GHSA-f6mg-hq7f-jw2j

CVSS3: 9.1
github
11 месяцев назад

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. 

EPSS

Процентиль: 25%
0.00084
Низкий

7.5 High

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-918