BDU:2021-04820
Scores
EPSS Score
0.0000
CVSS
3.x 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
All CVSS Scores
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Description
Уязвимость модуля mod_proxy веб-сервера Apache HTTP Server связана с недостаточной проверкой поступающих запросов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, осуществить SSRF-атаку
Sources
Related Vulnerabilities
Reference Links
Vulnerable Software
Type: Configuration
Product: apache2
Operating System: astra 8.1.4
{
"unaffected": true
}Source: astra
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: rosa virtualization 2.1
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: astra 1.6
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: strelets *
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: astra 4.7
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: astra 1.7
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: fedora 34
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: astra 8.1
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: red hat enterprise linux 8
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: роса кобальт 7.9
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: осон основа оnyx *
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: altlinux 8
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: apache software foundation
Product: apache http server
Operating System: fedora 35
{
"version_end_including": "2.4.48"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: astra 1.7
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: strelets *
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: astra 4.7
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: fedora 35
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: fedora 34
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: astra 1.6
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: astra 8.1
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: red hat enterprise linux 8
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: rosa virtualization 2.1
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: роса кобальт 7.9
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: осон основа оnyx *
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: jboss core services
Operating System: altlinux 8
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: astra 1.6
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: fedora 35
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: altlinux 8
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: осон основа оnyx *
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: strelets *
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: rosa virtualization 2.1
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: red hat enterprise linux 8
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: astra 8.1
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: fedora 34
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: astra 1.7
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: astra 4.7
{
"version_exact": "*"
}Source: bdu
Type: Configuration
Vendor: red hat inc.
Product: red hat software collections
Operating System: роса кобальт 7.9
{
"version_exact": "*"
}Source: bdu