F5-K000140618: SSRF
First published: Thu Aug 08 2024(Updated: )
Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Traffix Systems Signaling Delivery Controller | =5.2.0=5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000140618?
The severity of F5-K000140618 is high due to the potential for information disclosure and local script execution.
How do I fix F5-K000140618?
To fix F5-K000140618, upgrade to Apache HTTP Server version 2.4.60 or later.
Which versions are affected by F5-K000140618?
F5-K000140618 affects Apache HTTP Server up to version 2.4.59.
What impact does F5-K000140618 have on my system?
F5-K000140618 can lead to information disclosure or allow unauthorized script execution via backend applications.
Is F5 Traffix Systems Signaling Delivery Controller vulnerable to F5-K000140618?
Yes, specific versions of F5 Traffix SDC, namely 5.1.0 and 5.2.0, are vulnerable to F5-K000140618.
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/softwarecombine
- agent/type
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2024-38476
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 traffix systems signaling delivery controller
- version/f5 traffix systems signaling delivery controller/5.2.0
- version/f5 traffix systems signaling delivery controller/5.1.0