Apache.HTTP.Server.mod_proxy.SSRF
Description
This indicates an attack attempt to exploit a Server-Side Request Forgery Vulnerability in Apache HTTP Server.
The vulnerability is due to improper sanitation of a crafted HTTP user input. A remote unauthenticated attacker could exploit this vulnerability by sending an HTTP request to the target vulnerable server. Successful exploitation leads to the disclosure of information which may be used to facilitate further compromise.
Affected Products
Apache HTTP Server 2.4.48 and earlier.
Impact
Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP requests.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://httpd.apache.org/security/vulnerabilities_24.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-09-15 | 22.394 | Sig Added |
2021-11-08 | 18.192 | Default_action:pass:drop |
2021-10-27 | 18.186 |