发布时间: 2022年6月24日
修改时间: 2024年10月31日
Inconsistent Interpretation of HTTP Requests ( HTTP Request Smuggling ) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | None | Low |
| Attack Vector | Network | Network |
| CVSS评分 | 7.5 | 6.5 |
| Attack Complexity | Low | High |
| Privileges Required | None | None |
| Scope | Unchanged | Changed |
| Integrity | High | Low |
| User Interaction | None | None |
| Availability | None | Low |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2022-1661 | httpd security update | 2022年6月24日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | httpd | Fixed |
| KY3.4-5 | httpd | Fixed |
| KY3.5.1 | httpd | Fixed |
