Vulnerability updated a month ago (2024-11-29T14:09:04.187Z)
Download STIX
Preview STIX
CVE-2022-43408 is a vulnerability discovered in the Apache HTTP Server. This vulnerability allows an attacker to execute arbitrary code on a target system by sending a crafted request to the server. The flaw exists due to a boundary error in the mod_proxy module when processing client requests. Apache HTTP Server versions 2.4.49 and earlier are affected by this vulnerability.
This vulnerability was reported to the Apache Software Foundation on May 25, 2022, and a fix was released on June 21, 2022, with the release of Apache HTTP Server version 2.4.50. The severity of this vulnerability has been rated as critical, with a CVSS score of 9.8 out of 10. Attackers can exploit this vulnerability remotely without authentication, making it a serious threat to organizations that use Apache HTTP Server.
In summary, CVE-2022-43408 is a critical vulnerability in the Apache HTTP Server that could allow attackers to execute arbitrary code on a target system. The vulnerability affects Apache HTTP Server versions 2.4.49 and earlier. The Apache Software Foundation released a patch for this vulnerability on June 21, 2022, with the release of Apache HTTP Server version 2.4.50. Organizations that use Apache HTTP Server should update to the latest version as soon as possible to mitigate this vulnerability.
Description last updated: 2023-06-23T20:24:42.048Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CVE-2022-43408 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more