CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules
First published: Thu Apr 04 2024(Updated: )
Accounts. The issue was addressed with improved checks.
Credit: security@apache.org Yeto IES Red Team ByteDanceCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Michael DePlante @izobashi Trend Micro Zero Day InitiativeCertiK SkyFall Team D4m0n Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsCVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 an anonymous researcher Yann Gascuel Alter Solutionsw0wbox CVE-2023-6277 CVE-2023-52356 Yisumi Junsung Lee Trend Micro Zero Day Initiative CrowdStrike Counter Adversary OperationsGandalf4a Ye Zhang @VAR10CK Baidu Securitysqrtpwn Minghao Lin Zhejiang UniversityJiaxun Zhu Zhejiang UniversityPatrick Wardle DoubleYouCVE-2024-40805 Rodolphe BRUNETTI @eisw0lf Adam M. CVE-2024-6387 Zhongquan Li @Guluisacat Dawn Security Lab of JingDongMickey Jin @patch1t Kandji KandjiMateen Alinaghi Claudio Bozzato Cisco TalosFrancesco Benvenuto Cisco TalosCsaba Fitzl @theevilbit Offensive SecurityYadhu Krishna M Cyber Security At Suma Soft PvtNarendra Bhati Cyber Security At Suma Soft PvtManager Cyber Security At Suma Soft PvtPune (India) Wojciech Regula SecuRing Dawn Security Lab of JingDongKirin @Pwnrin Joshua Jones Jiwon Park Marcio Almeida Tanto SecurityBistrit Dahal Srijan Poudel Jiahui Hu (梅零落) NorthSeaMeng Zhang (鲸落) NorthSeaArsenii Kostromin (0x3c3e) Huang Xilin Ant Group LightMaksymilian Motyl Johan Carlsson (joaxcar) Seunghyun Lee @0x10n KAIST Hacking Lab working with Trend Micro Zero Day InitiativeCVE-2024-4558 Matthew Butler Gary Kwong Andreas Jaegersberger Ro Achterberg
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Aspera Console | <=3.4.0 - 3.4.2 PL9 | |
| redhat/httpd | <2.4.59 | 2.4.59 |
| Apple macOS | <14.6 | 14.6 |
| debian/apache2 | 2.4.62-1~deb11u1 2.4.62-1~deb11u2 2.4.62-1~deb12u2 2.4.63-1 | |
| debian/uwsgi | <=2.0.19.1-7.1<=2.0.21-5.1<=2.0.28-8 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=17.1.0<=17.1.2 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=16.1.0<=16.1.5 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=15.1.0<=15.1.10 | |
| F5 F5OS-A | =1.7.0>=1.5.0<=1.5.2=1.4.0>=1.3.0<=1.3.2 | |
| F5 F5OS-C | >=1.6.0<=1.6.2>=1.5.0<=1.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/286940
- https://www.ibm.com/support/pages/node/7155202 (Advisory)
- https://security.netapp.com/advisory/ntap-20240415-0013/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
- http://www.openwall.com/lists/oss-security/2024/04/04/5
- https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00014.html
- https://launchpad.net/bugs/cve/CVE-2024-24795
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
- https://nvd.nist.gov/vuln/detail/CVE-2024-24795
- https://security-tracker.debian.org/tracker/CVE-2024-24795
- https://ubuntu.com/security/CVE-2024-24795
- https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-24795
- https://svn.apache.org/viewvc?view=revision&revision=1916769
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2273500
- https://access.redhat.com/errata/RHSA-2024:9306
- https://bugzilla.redhat.com/show_bug.cgi?id=2273499
- http://seclists.org/fulldisclosure/2024/Jul/18
- https://support.apple.com/kb/HT214119
- https://support.apple.com/en-us/HT214119 (Advisory)
- https://my.f5.com/manage/s/article/K000139447
- https://www.openwall.com/lists/oss-security/2024/04/04/5
- https://github.com/apache/httpd/commit/a29723ce1af75eed0813c3717d3f6dee9b405ca8
- https://bz.apache.org/bugzilla/show_bug.cgi?id=68905
- https://fossil-scm.org/home/info/f4ffefe708793b03
- https://github.com/unbit/uwsgi/issues/2635
- https://support.apple.com/en-us/120911 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2024-40804
- CVE-2023-38709
- CVE-2024-24795
- CVE-2024-27316
- CVE-2024-40783
- CVE-2024-40774
- CVE-2024-40814
- CVE-2024-40775
- CVE-2024-27877
- CVE-2024-27878
- CVE-2024-40799
- CVE-2024-27873
- CVE-2024-2004
- CVE-2024-2379
- CVE-2024-2398
- CVE-2024-2466
- CVE-2024-40827
- CVE-2024-40815
- CVE-2024-40795
- CVE-2023-6277
- CVE-2023-52356
- CVE-2024-40806
- CVE-2024-40777
- CVE-2024-40784
- CVE-2024-27863
- CVE-2024-40816
- CVE-2024-40788
- CVE-2024-40803
- CVE-2024-40805
- CVE-2024-40832
- CVE-2024-40796
- CVE-2024-6387
- CVE-2024-40781
- CVE-2024-40802
- CVE-2024-40823
- CVE-2024-27882
- CVE-2024-27883
- CVE-2024-40778
- CVE-2024-40800
- CVE-2023-27952
- CVE-2024-40817
- CVE-2024-40824
- CVE-2024-27871
- CVE-2024-27881
- CVE-2024-40821
- CVE-2024-40798
- CVE-2024-27872
- CVE-2024-27862
- CVE-2024-40833
- CVE-2024-40835
- CVE-2024-40836
- CVE-2024-40807
- CVE-2024-40834
- CVE-2024-40809
- CVE-2024-40812
- CVE-2024-40787
- CVE-2024-40793
- CVE-2024-40818
- CVE-2024-40822
- CVE-2024-40828
- CVE-2024-40811
- CVE-2024-40776
- CVE-2024-40782
- CVE-2024-40779
- CVE-2024-40780
- CVE-2024-40785
- CVE-2024-40789
- CVE-2024-4558
- CVE-2024-40794
- CVE-2024-44306
- CVE-2024-44307
- CVE-2024-44141
- CVE-2024-40810
- CVE-2024-44205
- CVE-2024-44185
- CVE-2024-44206
Frequently Asked Questions
What is the severity of CVE-2024-24795?
CVE-2024-24795 is a critical vulnerability that allows for HTTP response splitting attacks.
How do I fix CVE-2024-24795?
To mitigate CVE-2024-24795, update affected software packages to the latest versions as indicated by their respective vendors.
Which versions are affected by CVE-2024-24795?
CVE-2024-24795 affects multiple versions of Apache HTTP Server and related products, particularly those below specified patch levels.
Can CVE-2024-24795 be exploited remotely?
Yes, CVE-2024-24795 can be exploited remotely by an attacker to inject arbitrary HTTP headers.
What are the potential impacts of CVE-2024-24795?
Exploitation of CVE-2024-24795 could allow attackers to conduct malicious actions, such as redirecting users or capturing sensitive information.
- collector/oss-sec
- source/oss-sec
- alias/CVE-2024-24795
- agent/title
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- collector/usn-cve
- source/Ubuntu
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- collector/nvd-cve
- agent/trending
- agent/last-modified-date
- agent/source
- collector/apple-support
- source/Apple
- alias/CVE-2024-27316
- agent/software-canonical-lookup-request
- alias/CVE-2023-38709
- alias/CVE-2024-40783
- alias/CVE-2024-40774
- alias/CVE-2024-40814
- alias/CVE-2024-40775
- alias/CVE-2024-27877
- alias/CVE-2024-27878
- alias/CVE-2024-44306
- alias/CVE-2024-44307
- alias/CVE-2024-40799
- alias/CVE-2024-27873
- alias/CVE-2024-2004
- alias/CVE-2024-2379
- alias/CVE-2024-2398
- alias/CVE-2024-2466
- alias/CVE-2024-40827
- alias/CVE-2024-44141
- alias/CVE-2024-40815
- alias/CVE-2024-40795
- alias/CVE-2023-6277
- alias/CVE-2023-52356
- alias/CVE-2024-40806
- alias/CVE-2024-40777
- alias/CVE-2024-40784
- alias/CVE-2024-40810
- alias/CVE-2024-27863
- alias/CVE-2024-40816
- alias/CVE-2024-40788
- alias/CVE-2024-40803
- alias/CVE-2024-40805
- alias/CVE-2024-40832
- alias/CVE-2024-40796
- alias/CVE-2024-6387
- alias/CVE-2024-40781
- alias/CVE-2024-40802
- alias/CVE-2024-40823
- alias/CVE-2024-27882
- alias/CVE-2024-27883
- alias/CVE-2024-40778
- alias/CVE-2024-40800
- alias/CVE-2023-27952
- alias/CVE-2024-40817
- alias/CVE-2024-40824
- alias/CVE-2024-27871
- alias/CVE-2024-27881
- alias/CVE-2024-40821
- alias/CVE-2024-40798
- alias/CVE-2024-27872
- alias/CVE-2024-27862
- alias/CVE-2024-40833
- alias/CVE-2024-40835
- alias/CVE-2024-40836
- alias/CVE-2024-40807
- alias/CVE-2024-40834
- alias/CVE-2024-40809
- alias/CVE-2024-40812
- alias/CVE-2024-40787
- alias/CVE-2024-40793
- alias/CVE-2024-40818
- alias/CVE-2024-40822
- alias/CVE-2024-44205
- alias/CVE-2024-40828
- alias/CVE-2024-40811
- alias/CVE-2024-40776
- alias/CVE-2024-40782
- alias/CVE-2024-40779
- alias/CVE-2024-40780
- alias/CVE-2024-40785
- alias/CVE-2024-40789
- alias/CVE-2024-4558
- alias/CVE-2024-40794
- alias/CVE-2024-44185
- alias/CVE-2024-44206
- agent/description
- agent/references
- agent/author
- collector/security-tracker-debian
- source/Debian
- agent/tags
- agent/softwarecombine
- agent/event
- collector/f5-advisory
- source/F5
- vendor/ibm
- canonical/ibm aspera console
- version/ibm aspera console/3.4.0 - 3.4.2 pl9
- package-manager/redhat
- vendor/apple
- canonical/apple macos
- package-manager/debian
- vendor/f5
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/17.1.0
- version/f5 big-ip and big-iq centralized management/17.1.2
- version/f5 big-ip and big-iq centralized management/16.1.0
- version/f5 big-ip and big-iq centralized management/16.1.5
- version/f5 big-ip and big-iq centralized management/15.1.0
- version/f5 big-ip and big-iq centralized management/15.1.10
- canonical/f5 f5os-a
- version/f5 f5os-a/1.7.0
- version/f5 f5os-a/1.5.0
- version/f5 f5os-a/1.5.2
- version/f5 f5os-a/1.4.0
- version/f5 f5os-a/1.3.0
- version/f5 f5os-a/1.3.2
- canonical/f5 f5os-c
- version/f5 f5os-c/1.6.0
- version/f5 f5os-c/1.6.2
- version/f5 f5os-c/1.5.0
- version/f5 f5os-c/1.5.1