CVE-2014-3624CVE-2014-3624

Affected configuration(s):

cpe:/a:apache:traffic_server:5.1.0

Date published: 2017-10-30T10:29:00.547-04:00

Date last modified: 2017-11-17T13:20:53.920-05:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://mail-archives.apache.org/mod_mbox/www-announce/201411.mbox/%3C20141101231749.2E3561043F@minotaur.apache.org%3E

Summary: Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.