Home

CVE-2021-40438

Description

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Risk Information

Base Score
9.0
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.432

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2021-33193,CVE-2021-34798,CVE-2021-36160,CVE-2021-39275,CVE-2021-40438 are fixed in Apache Apache 2.4.49Windows
Vulnerabilities CVE-2021-40438,CVE-2021-34798,CVE-2021-39275 are fixed in IBM HTTP 9.0.5.10Windows
Multiple vulnerabilities are affected in Oracle HTTP Server 12.2.1.3.0Windows
Multiple vulnerabilities are affected in Oracle HTTP Server 12.2.1.4.0Windows
Apache HTTP server (USN-5090-1) apache2_2.4.41-4ubuntu3.5_i386.debLinux
Apache HTTP server (USN-5090-1) apache2_2.4.41-4ubuntu3.5_amd64.debLinux
Apache HTTP server (USN-5090-1) apache2_2.4.46-4ubuntu1.2_i386.debLinux
Apache HTTP server (USN-5090-1) apache2_2.4.46-4ubuntu1.2_amd64.debLinux
Apache HTTP server (USN-5090-1) apache2_2.4.29-1ubuntu4.17_i386.debLinux
Apache HTTP server (USN-5090-1) apache2_2.4.29-1ubuntu4.17_amd64.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.41-4ubuntu3.5_i386.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.41-4ubuntu3.5_amd64.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.46-4ubuntu1.2_i386.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.46-4ubuntu1.2_amd64.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.29-1ubuntu4.17_i386.debLinux
Apache HTTP server (USN-5090-1) apache2-bin_2.4.29-1ubuntu4.17_amd64.debLinux
(RHSA-2021:3856) httpd security update httpd-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update httpd-devel-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update httpd-manual-2.4.6-97.el7_9.1.noarch.rpmLinux
(RHSA-2021:3856) httpd security update httpd-tools-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update mod_ldap-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update mod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update mod_session-2.4.6-97.el7_9.1.x86_64.rpmLinux
(RHSA-2021:3856) httpd security update mod_ssl-2.4.6-97.el7_9.1.x86_64.rpmLinux
Httpd update (ELSA-2021-3816) httpd-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Httpd-devel update (ELSA-2021-3816) httpd-devel-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Httpd-filesystem update (ELSA-2021-3816) httpd-filesystem-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.noarch.rpmLinux
Httpd-manual update (ELSA-2021-3816) httpd-manual-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.noarch.rpmLinux
Httpd-tools update (ELSA-2021-3816) httpd-tools-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Mod_http2 update (ELSA-2021-3816) mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpmLinux
Mod_ldap update (ELSA-2021-3816) mod_ldap-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Mod_md update (ELSA-2021-3816) mod_md-2.0.8-8.module+el8.3.0+7816+49791cfd.x86_64.rpmLinux
Mod_proxy_html update (ELSA-2021-3816) mod_proxy_html-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Mod_session update (ELSA-2021-3816) mod_session-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Mod_ssl update (ELSA-2021-3816) mod_ssl-2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1.x86_64.rpmLinux
Httpd update (ELSA-2021-3856) httpd-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Httpd-devel update (ELSA-2021-3856) httpd-devel-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Httpd-manual update (ELSA-2021-3856) httpd-manual-2.4.6-97.0.1.el7_9.1.noarch.rpmLinux
Httpd-tools update (ELSA-2021-3856) httpd-tools-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Mod_ldap update (ELSA-2021-3856) mod_ldap-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Mod_proxy_html update (ELSA-2021-3856) mod_proxy_html-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Mod_session update (ELSA-2021-3856) mod_session-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
Mod_ssl update (ELSA-2021-3856) mod_ssl-2.4.6-97.0.1.el7_9.1.x86_64.rpmLinux
apache2 security update(DSA-4982-1) apache2_2.4.38-3+deb10u6_amd64.debLinux
apache2 security update(DSA-4982-1) apache2_2.4.38-3+deb10u6_i386.debLinux
apache2 security update(DSA-4982-1) Debian_apache2_2.4.38-3+deb10u6_amd64.debLinux
apache2 security update(DSA-4982-1) apache2_2.4.51-1~deb11u1_amd64.debLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-debugsource-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-devel-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-filesystem-2.4.37-39.module+el8.4.0+12865+a7065a39.1.noarch.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-manual-2.4.37-39.module+el8.4.0+12865+a7065a39.1.noarch.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update httpd-tools-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update mod_ldap-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update mod_proxy_html-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update mod_session-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
(RHSA-2021:3816) httpd:2.4 security update mod_ssl-2.4.37-39.module+el8.4.0+12865+a7065a39.1.x86_64.rpmLinux
Vulnerabilities CVE-2021-33193,CVE-2021-34798,CVE-2021-36160,CVE-2021-39275,CVE-2021-40438 are fixed in Apache Apache 2.4.49 (For Linux)Linux
Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234