Apache.HTTP.Server.mod_proxy.SSRF

description-logoDescription

This indicates an attack attempt to exploit a Server-Side Request Forgery Vulnerability in Apache HTTP Server.
The vulnerability is due to improper sanitation of a crafted HTTP user input. A remote unauthenticated attacker could exploit this vulnerability by sending an HTTP request to the target vulnerable server. Successful exploitation leads to the disclosure of information which may be used to facilitate further compromise.

affected-products-logoAffected Products

Apache HTTP Server 2.4.48 and earlier.

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP requests.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://httpd.apache.org/security/vulnerabilities_24.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-09-15 22.394 Sig Added
2021-11-08 18.192 Default_action:pass:drop
2021-10-27 18.186