What is the severity of cisco-sa-apache-httpd-2.4.49-VWL69sWQ?

The severity of cisco-sa-apache-httpd-2.4.49-VWL69sWQ is high due to the multiple vulnerabilities that could allow for remote code execution and denial of service.

How do I fix cisco-sa-apache-httpd-2.4.49-VWL69sWQ?

To fix cisco-sa-apache-httpd-2.4.49-VWL69sWQ, you should upgrade your Apache HTTP Server to version 2.4.50 or later.

What vulnerabilities are addressed in cisco-sa-apache-httpd-2.4.49-VWL69sWQ?

cisco-sa-apache-httpd-2.4.49-VWL69sWQ addresses five vulnerabilities affecting Apache HTTP Server that may lead to severe impacts including arbitrary code execution.

Is cisco-sa-apache-httpd-2.4.49-VWL69sWQ applicable to all Apache HTTP Server installations?

cisco-sa-apache-httpd-2.4.49-VWL69sWQ is applicable to all Apache HTTP Server versions up to 2.4.49, so any installation using that version or earlier is vulnerable.

Are there any workarounds for cisco-sa-apache-httpd-2.4.49-VWL69sWQ?

No official workarounds for cisco-sa-apache-httpd-2.4.49-VWL69sWQ are provided; upgrading to a secure version is the recommended course of action.

Vulnerability/
cisco-sa-apache-httpd-2.4.49-VWL69sWQ

critical

CWE

120 125 476 918

24/11/2021

cisco-sa-apache-httpd-2.4.49-VWL69sWQ: Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021

First published: Wed Nov 24 2021(Updated: 3 years ago)

On September 16, 2021, the Apache Software Foundation disclosed five vulnerabilities affecting the Apache HTTP Server (httpd) 2.4.48 and earlier releases. For a description of these vulnerabilities, see the Apache HTTP Server 2.4.49 section of the Apache HTTP Server 2.4 vulnerabilities webpage. This advisory will be updated as additional information becomes available. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ

Credit: These vulnerabilities were publicly disclosed by the Apache Software Foundation on September 16 2021.

Affected Software	Affected Version	How to fix
Apache Http Server	<2.4.49

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of cisco-sa-apache-httpd-2.4.49-VWL69sWQ?
The severity of cisco-sa-apache-httpd-2.4.49-VWL69sWQ is high due to the multiple vulnerabilities that could allow for remote code execution and denial of service.
How do I fix cisco-sa-apache-httpd-2.4.49-VWL69sWQ?
To fix cisco-sa-apache-httpd-2.4.49-VWL69sWQ, you should upgrade your Apache HTTP Server to version 2.4.50 or later.
What vulnerabilities are addressed in cisco-sa-apache-httpd-2.4.49-VWL69sWQ?
cisco-sa-apache-httpd-2.4.49-VWL69sWQ addresses five vulnerabilities affecting Apache HTTP Server that may lead to severe impacts including arbitrary code execution.
Is cisco-sa-apache-httpd-2.4.49-VWL69sWQ applicable to all Apache HTTP Server installations?
cisco-sa-apache-httpd-2.4.49-VWL69sWQ is applicable to all Apache HTTP Server versions up to 2.4.49, so any installation using that version or earlier is vulnerable.
Are there any workarounds for cisco-sa-apache-httpd-2.4.49-VWL69sWQ?
No official workarounds for cisco-sa-apache-httpd-2.4.49-VWL69sWQ are provided; upgrading to a secure version is the recommended course of action.

agent/last-modified-date
agent/first-publish-date
agent/type
agent/event
collector/cisco-advisory
source/Cisco
agent/weakness
agent/references
agent/author
agent/title
agent/remedy
agent/severity
agent/description
agent/trending
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/apache
canonical/apache http server

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.