- Description
- SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing.
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- security@apache.org
- CWE-918
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2024-49128 2 - CVE-2024-21182 3 - CVE-2024-3094 4 - CVE-2024-12744 5 - CVE-2024-38472 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
1 Jan 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Akhir tahun kita closingan dengan BloodHound dan httpX karna PoC buat CVE udah banyak banget, tenkyu gxc dan kawan-kawan. > CVE-2024-38472 > CVE-2024-39573 > CVE-2024-38477 > CVE-2024-38476 > CVE-2024-38475 > CVE-2024-38474 > CVE-2024-38473 > CVE-2023-387
@byt3n33dl3
31 Dec 2024
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 https://t.co/1vHVQPeJmm
@Alra3ees
30 Dec 2024
4962 Impressions
33 Retweets
132 Likes
111 Bookmarks
1 Reply
0 Quotes
GitHub - mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 https://t.co/wxO2nxclqJ
@akaclandestine
14 Dec 2024
2095 Impressions
16 Retweets
48 Likes
27 Bookmarks
0 Replies
0 Quotes