CVE-2021-40438

ADVISORY - nist

Summary

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

EPSS Score⁠: 0.94432 (1.000)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-918⁠

Server-Side Request Forgery (SSRF)

ADVISORY - redhat

CWE-918⁠

Server-Side Request Forgery (SSRF)

Impacted images

Advisories

NIST

CREATED

4 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-918⁠

CVSS SCORE

9critical

Alpine

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9medium

Alma

CREATED

4 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2021:3816⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALAS-2021-1543⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALAS2-2021-1716⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2021-40438

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Bitnami

CREATED

1 year ago

UPDATED

1 month ago

ADVISORY ID

BIT-apache-2021-40438

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9critical

Red Hat

CREATED

4 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-918⁠

CVSS SCORE

9high

Rocky

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDRLSA-2021:3816⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-3816⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-3856⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-40438⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

CISA

CREATED

4 years ago

UPDATED

3 months ago

ADVISORY ID

CVE-2021-40438

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY