Endpoint Vulnerability

Apache Httpd - moderate:mod_proxy reverse proxy exposure(CVE-2011-4317)


An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.

Affected Products

Apache Httpd