CVE-2018-11469
Description
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.028
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| fast and reliable load balancing reverse proxy (USN-3663-1) haproxy_1.8.8-1ubuntu0.1_i386.deb | Linux |
| fast and reliable load balancing reverse proxy (USN-3663-1) haproxy_1.8.8-1ubuntu0.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234