What is CVE-2022-31813?

CVE-2022-31813 is a vulnerability in the mod_proxy module of Apache HTTP Server that allows a remote attacker to bypass security restrictions.

How can a remote attacker exploit CVE-2022-31813?

A remote attacker can exploit CVE-2022-31813 to bypass IP based authentication.

What is the severity of CVE-2022-31813?

CVE-2022-31813 has a severity rating of critical.

Which versions of Apache HTTP Server are affected by CVE-2022-31813?

Apache HTTP Server versions up to and including 2.4.54 are affected by CVE-2022-31813.

Where can I find more information about CVE-2022-31813?

You can find more information about CVE-2022-31813 at the following references: [Reference 1](https://httpd.apache.org/security/vulnerabilities_24.html), [Reference 2](https://www.openwall.com/lists/oss-security/2022/06/08/8), [Reference 3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2095021).

Vulnerability/
CVE-2022-31813

critical

9.8

CWE

345 348

8/6/2022

11/11/2024

CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism

First published: Wed Jun 08 2022(Updated: )

A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.

Credit: security@apache.org

Affected Software	Affected Version	How to fix
Apache HTTP server	<=2.4.53
NetApp Clustered Data ONTAP
Fedoraproject Fedora	=35
Fedoraproject Fedora	=36
redhat/jbcs-httpd24-httpd	<0:2.4.51-37.el8	0:2.4.51-37.el8
redhat/jbcs-httpd24-httpd	<0:2.4.51-37.el7	0:2.4.51-37.el7
redhat/httpd	<0:2.4.53-7.el9	0:2.4.53-7.el9
redhat/httpd24-httpd	<0:2.4.34-23.el7.5	0:2.4.34-23.el7.5

Remedy

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is CVE-2022-31813?
CVE-2022-31813 is a vulnerability in the mod_proxy module of Apache HTTP Server that allows a remote attacker to bypass security restrictions.
How can a remote attacker exploit CVE-2022-31813?
A remote attacker can exploit CVE-2022-31813 to bypass IP based authentication.
What is the severity of CVE-2022-31813?
CVE-2022-31813 has a severity rating of critical.
Which versions of Apache HTTP Server are affected by CVE-2022-31813?
Apache HTTP Server versions up to and including 2.4.54 are affected by CVE-2022-31813.
Where can I find more information about CVE-2022-31813?
You can find more information about CVE-2022-31813 at the following references: [Reference 1](https://httpd.apache.org/security/vulnerabilities_24.html), [Reference 2](https://www.openwall.com/lists/oss-security/2022/06/08/8), [Reference 3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2095021).

collector/redhat-cve
collector/nvd-index
agent/weakness
agent/type
agent/first-publish-date
agent/softwarecombine
agent/author
agent/severity
agent/remedy
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-31813
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/references
agent/title
collector/ibm-support
source/IBM
agent/last-modified-date
agent/tags
agent/event
agent/trending
package-manager/redhat
vendor/apache
canonical/apache http server
version/apache http server/2.4.53
vendor/netapp
canonical/netapp clustered data ontap
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/35
version/fedoraproject fedora/36