Endpoint Vulnerability

Apache Httpd - moderate:mod_proxy reverse proxy exposure(CVE-2011-3368)


An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.

Affected Products

Apache Httpd