HTTP: Apache httpd mod_proxy Unix Socket Path Handling Server-Side Request Forgery

This signature detects attempts to exploit a known vulnerability in Apache HTTP Server. A successful attack can lead to information disclosure or spoofing conditions.

Extended Description

A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Affected Products

Redhat enterprise_linux_server_update_services_for_sap_solutions

References

CVE: CVE-2021-40438

Short Name
HTTP:APACHE:MOD-PROXY-SSRF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2021-40438 Forgery Handling Path Request Server-Side Socket Unix httpd mod_proxy
Release Date
11/02/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3809
False Positive
Unknown
Vendors

Broadcom

F5

Redhat

Siemens

Resf

Fedoraproject

Oracle

Apache

Netapp

Debian

Tenable

CVSS Score

6.8
