CVE-2021-40438 - Vulnerability Details

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is in the KEV database since Dec. 1, 2021.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Apache	Http Server
Broadcom	Brocade Fabric Operating System Firmware
Debian	Debian Linux
F5	F5os
Fedoraproject	Fedora
Netapp	Cloud Backup Clustered Data Ontap Storagegrid
Oracle	Enterprise Manager Ops Center Http Server Instantis Enterprisetrack Secure Global Desktop Zfs Storage Appliance Kit
Redhat	Enterprise Linux Jboss Core Services Rhel Aus Rhel E4s Rhel Eus Rhel Software Collections Rhel Tus
Siemens	Ruggedcom Nms Sinec Nms Sinema Remote Connect Server Sinema Server
Tenable	Tenable.sc

Configuration 1 [-]

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:34:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:clustered_data_ontap:-:::::::*
	cpe:2.3:a:netapp:storagegrid:-:::::::*
	cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:f5:f5os::::::::
	cpe:2.3:o:f5:f5os::::::::

Configuration 6 [-]

OR	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
	cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
	cpe:2.3:a:oracle:secure_global_desktop:5.6:::::::*
	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

Configuration 7 [-]

OR	cpe:2.3:a:siemens:ruggedcom_nms::::::::
	cpe:2.3:a:siemens:sinec_nms::::::::
	cpe:2.3:a:siemens:sinema_remote_connect_server::::::::
	cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:::::::*
	cpe:2.3:a:siemens:sinema_server:14.0:-::::::

Configuration 8 [-]

cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
JBoss Core Services for RHEL 8
jbcs-httpd24-httpd-0:2.4.37-76.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_cluster-native-0:1.3.16-7.Final_redhat_2.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_http2-0:1.15.7-19.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_jk-0:1.2.48-18.redhat_1.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_md-1:2.0.8-38.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_security-0:2.9.2-65.GA.el8jbcs	cpe:/a:redhat:jboss_core_services:1::el8	RHSA-2021:3746	2021-10-07T00:00:00Z
JBoss Core Services on RHEL 7
jbcs-httpd24-httpd-0:2.4.37-76.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_cluster-native-0:1.3.16-7.Final_redhat_2.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_http2-0:1.15.7-19.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_jk-0:1.2.48-18.redhat_1.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_md-1:2.0.8-38.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
jbcs-httpd24-mod_security-0:2.9.2-65.GA.jbcs.el7	cpe:/a:redhat:jboss_core_services:1::el7	RHSA-2021:3746	2021-10-07T00:00:00Z
Red Hat Enterprise Linux 7
httpd-0:2.4.6-97.el7_9.1	cpe:/o:redhat:enterprise_linux:7	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
httpd-0:2.4.6-40.el7_2.7	cpe:/o:redhat:rhel_aus:7.2	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.3 Advanced Update Support
httpd-0:2.4.6-45.el7_3.6	cpe:/o:redhat:rhel_aus:7.3	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.4 Advanced Update Support
httpd-0:2.4.6-67.el7_4.7	cpe:/o:redhat:rhel_aus:7.4	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)
httpd-0:2.4.6-89.el7_6.2	cpe:/o:redhat:rhel_aus:7.6	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.6 Telco Extended Update Support
httpd-0:2.4.6-89.el7_6.2	cpe:/o:redhat:rhel_tus:7.6	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
httpd-0:2.4.6-89.el7_6.2	cpe:/o:redhat:rhel_e4s:7.6	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.7 Advanced Update Support
httpd-0:2.4.6-90.el7_7.1	cpe:/o:redhat:rhel_aus:7.7	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.7 Telco Extended Update Support
httpd-0:2.4.6-90.el7_7.1	cpe:/o:redhat:rhel_tus:7.7	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions
httpd-0:2.4.6-90.el7_7.1	cpe:/o:redhat:rhel_e4s:7.7	RHSA-2021:3856	2021-10-14T00:00:00Z
Red Hat Enterprise Linux 8
httpd:2.4-8040020211008164252.522a0ee4	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:3816	2021-10-12T00:00:00Z
Red Hat Enterprise Linux 8.1 Extended Update Support
httpd:2.4-8010020211008125020.c27ad7f8	cpe:/a:redhat:rhel_eus:8.1	RHSA-2021:3837	2021-10-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
httpd:2.4-8020020211008164029.4cda2c84	cpe:/a:redhat:rhel_eus:8.2	RHSA-2021:3836	2021-10-13T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
httpd24-httpd-0:2.4.34-22.el7.1	cpe:/a:redhat:rhel_software_collections:3::el7	RHSA-2021:3754	2021-10-11T00:00:00Z
Text-Only JBCS
jbcs-httpd24-httpd	cpe:/a:redhat:jboss_core_services:1	RHSA-2021:3745	2021-10-07T00:00:00Z

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
https://nvd.nist.gov/vuln/detail/CVE-2021-40438
https://security.gentoo.org/glsa/202208-20
https://security.netapp.com/advisory/ntap-20211008-0004/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2021-40438
https://www.debian.org/security/2021/dsa-4982
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.tenable.com/security/tns-2021-17

History

Thu, 06 Feb 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2021-12-01'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 14 Aug 2024 00:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-09-16T14:40:23.000Z

Updated: 2025-02-06T21:09:00.866Z

Reserved: 2021-09-02T00:00:00.000Z

Link: CVE-2021-40438

Vulnrichment

Updated: 2024-08-04T02:44:10.131Z

NVD

Status : Analyzed

Published: 2021-09-16T15:15:07.633

Modified: 2025-03-21T21:01:59.900

Link: CVE-2021-40438

Redhat

Severity : Important

Publid Date: 2021-09-16T00:00:00Z

Links: CVE-2021-40438 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "2.4.48", "status": "affected", "version": "Apache HTTP Server 2.4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160"}], "descriptions": [{"lang": "en", "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier."}], "metrics": [{"other": {"content": {"other": "high"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-14T01:07:57.000Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E"}, {"name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"}, {"name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E"}, {"name": "DSA-4982", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4982"}, {"name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E"}, {"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2021-17"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20211008-0004/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"}, {"name": "GLSA-202208-20", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202208-20"}], "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2021-09-16T00:00:00", "value": "2.4.49 released"}], "title": "mod_proxy SSRF", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2021-40438", "STATE": "PUBLIC", "TITLE": "mod_proxy SSRF"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache HTTP Server", "version": {"version_data": [{"version_affected": "<=", "version_name": "Apache HTTP Server 2.4", "version_value": "2.4.48"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "high"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918 Server Side Request Forgery (SSRF)"}]}]}, "references": {"reference_data": [{"name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC", "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"name": "FEDORA-2021-dce7e7738e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E"}, {"name": "FEDORA-2021-e3f6dd670d", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"}, {"name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3Cbugs.httpd.apache.org%3E"}, {"name": "DSA-4982", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4982"}, {"name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3Cusers.httpd.apache.org%3E"}, {"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"}, {"name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"name": "https://www.tenable.com/security/tns-2021-17", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-17"}, {"name": "https://security.netapp.com/advisory/ntap-20211008-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211008-0004/"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"}, {"name": "GLSA-202208-20", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-20"}]}, "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2021-09-16T00:00:00", "value": "2.4.49 released"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:44:10.131Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E"}, {"name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"}, {"name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E"}, {"name": "DSA-4982", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4982"}, {"name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E"}, {"name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E"}, {"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2021-17"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20211008-0004/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"}, {"name": "GLSA-202208-20", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202208-20"}]}, {"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-06T21:08:29.032806Z", "id": "CVE-2021-40438", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-12-01", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-40438"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-06T21:09:00.866Z"}}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-40438", "datePublished": "2021-09-16T14:40:23.000Z", "dateReserved": "2021-09-02T00:00:00.000Z", "dateUpdated": "2025-02-06T21:09:00.866Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", "name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", "name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", "name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", "name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://www.debian.org/security/2021/dsa-4982", "name": "DSA-4982", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", "name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2021-17", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0004/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202208-20", "name": "GLSA-202208-20", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:44:10.131Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-40438", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-06T21:08:29.032806Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-12-01", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-40438"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-06T21:08:13.144Z"}}], "cna": {"title": "mod_proxy SSRF", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "value": "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160"}], "metrics": [{"other": {"type": "unknown", "content": {"other": "high"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache HTTP Server", "versions": [{"status": "affected", "version": "Apache HTTP Server 2.4", "versionType": "custom", "lessThanOrEqual": "2.4.48"}]}], "timeline": [{"lang": "en", "time": "2021-09-16T00:00:00", "value": "2.4.49 released"}], "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["x_refsource_MISC"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", "name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}, {"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", "name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}, {"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", "name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", "name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://www.debian.org/security/2021/dsa-4982", "name": "DSA-4982", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", "name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "tags": ["vendor-advisory", "x_refsource_CISCO"]}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["x_refsource_MISC"]}, {"url": "https://www.tenable.com/security/tns-2021-17", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0004/", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["x_refsource_MISC"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://security.gentoo.org/glsa/202208-20", "name": "GLSA-202208-20", "tags": ["vendor-advisory", "x_refsource_GENTOO"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2022-08-14T01:07:57.000Z"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160"}], "impact": [{"other": "high"}], "source": {"discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_name": "Apache HTTP Server 2.4", "version_value": "2.4.48", "version_affected": "<="}]}, "product_name": "Apache HTTP Server"}]}, "vendor_name": "Apache Software Foundation"}]}}, "timeline": [{"lang": "en", "time": "2021-09-16T00:00:00", "value": "2.4.49 released"}], "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "name": "https://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", "name": "FEDORA-2021-dce7e7738e", "refsource": "FEDORA"}, {"url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", "refsource": "MLIST"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", "name": "FEDORA-2021-e3f6dd670d", "refsource": "FEDORA"}, {"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", "name": "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3Cbugs.httpd.apache.org%3E", "name": "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", "refsource": "MLIST"}, {"url": "https://www.debian.org/security/2021/dsa-4982", "name": "DSA-4982", "refsource": "DEBIAN"}, {"url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3Cusers.httpd.apache.org%3E", "name": "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", "refsource": "MLIST"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", "name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", "refsource": "CISCO"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC"}, {"url": "https://www.tenable.com/security/tns-2021-17", "name": "https://www.tenable.com/security/tns-2021-17", "refsource": "CONFIRM"}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0004/", "name": "https://security.netapp.com/advisory/ntap-20211008-0004/", "refsource": "CONFIRM"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "refsource": "CONFIRM"}, {"url": "https://security.gentoo.org/glsa/202208-20", "name": "GLSA-202208-20", "refsource": "GENTOO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918 Server Side Request Forgery (SSRF)"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-40438", "STATE": "PUBLIC", "TITLE": "mod_proxy SSRF", "ASSIGNER": "security@apache.org"}}}}, "cveMetadata": {"cveId": "CVE-2021-40438", "state": "PUBLISHED", "dateUpdated": "2025-02-06T21:09:00.866Z", "dateReserved": "2021-09-02T00:00:00.000Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2021-09-16T14:40:23.000Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"cisaActionDue": "2021-12-15", "cisaExploitAdd": "2021-12-01", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Apache HTTP Server-Side Request Forgery (SSRF)", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1691C7CE-5CDA-4B9A-854E-3B58C1115526", "versionEndIncluding": "2.4.48", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40", "vulnerable": true}, {"criteria": "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2748912-FC54-47F6-8C0C-B96784765B8E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:f5:f5os:*:*:*:*:*:*:*:*", "matchCriteriaId": "80A2EFAB-4D06-4254-B2FE-5D1F84BDFD3A", "versionEndIncluding": "1.1.4", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:f5:f5os:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBACFB6F-D57E-4ECA-81BB-9388E64F7DF3", "versionEndIncluding": "1.2.1", "versionStartIncluding": "1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "matchCriteriaId": "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:ruggedcom_nms:*:*:*:*:*:*:*:*", "matchCriteriaId": "414A7F48-EFA5-4D86-9F8D-5A179A6CFC39", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEF5E6CF-BBA5-4CCF-ACB1-BEF8D2C372B8", "versionEndExcluding": "1.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "98CC9C9A-FE14-4D50-A8EC-C309229356C8", "versionEndExcluding": "3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D889831F-64D0-428A-A26C-71152C3B9974", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*", "matchCriteriaId": "B0A5CC25-A323-4D49-8989-5A417D12D646", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", "matchCriteriaId": "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356", "versionEndIncluding": "5.19.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier."}, {"lang": "es", "value": "Un uri-path dise\u00f1ado puede causar que mod_proxy reenv\u00ede la petici\u00f3n a un servidor de origen elegido por el usuario remoto. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores"}], "id": "CVE-2021-40438", "lastModified": "2025-03-21T21:01:59.900", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-09-16T15:15:07.633", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"}, {"source": "security@apache.org", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"source": "security@apache.org", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202208-20"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211008-0004/"}, {"source": "security@apache.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4982"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202208-20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211008-0004/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4982"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-17"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@apache.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-httpd-0:2.4.37-76.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_cluster-native-0:1.3.16-7.Final_redhat_2.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_http2-0:1.15.7-19.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_jk-0:1.2.48-18.redhat_1.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_md-1:2.0.8-38.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_security-0:2.9.2-65.GA.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-httpd-0:2.4.37-76.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_cluster-native-0:1.3.16-7.Final_redhat_2.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_http2-0:1.15.7-19.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_jk-0:1.2.48-18.redhat_1.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_md-1:2.0.8-38.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3746", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_security-0:2.9.2-65.GA.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-10-07T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "httpd-0:2.4.6-97.el7_9.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "httpd-0:2.4.6-40.el7_2.7", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "httpd-0:2.4.6-45.el7_3.6", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "httpd-0:2.4.6-67.el7_4.7", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_aus:7.6", "package": "httpd-0:2.4.6-89.el7_6.2", "product_name": "Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118)", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_tus:7.6", "package": "httpd-0:2.4.6-89.el7_6.2", "product_name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_e4s:7.6", "package": "httpd-0:2.4.6-89.el7_6.2", "product_name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_aus:7.7", "package": "httpd-0:2.4.6-90.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_tus:7.7", "package": "httpd-0:2.4.6-90.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3856", "cpe": "cpe:/o:redhat:rhel_e4s:7.7", "package": "httpd-0:2.4.6-90.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions", "release_date": "2021-10-14T00:00:00Z"}, {"advisory": "RHSA-2021:3816", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "httpd:2.4-8040020211008164252.522a0ee4", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-10-12T00:00:00Z"}, {"advisory": "RHSA-2021:3837", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "httpd:2.4-8010020211008125020.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-10-13T00:00:00Z"}, {"advisory": "RHSA-2021:3836", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "httpd:2.4-8020020211008164029.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-10-13T00:00:00Z"}, {"advisory": "RHSA-2021:3754", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "httpd24-httpd-0:2.4.34-22.el7.1", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-10-11T00:00:00Z"}, {"advisory": "RHSA-2021:3745", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "jbcs-httpd24-httpd", "product_name": "Text-Only JBCS", "release_date": "2021-10-07T00:00:00Z"}], "bugzilla": {"description": "httpd: mod_proxy: SSRF via a crafted request uri-path containing \"unix:\"", "id": "2005117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005117"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-918", "details": ["A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.", "A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and inaccessible otherwise. The impact of this flaw varies based on what services and resources are available on the httpd network."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-40438", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}], "public_date": "2021-09-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-40438\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-40438\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "Impact of the flaw set to Important because the actions an attacker can do varies a lot based on the kind of infrastructure in place, the kind of internal services and resources, and the available endpoints on those services. The attacker should also perform some kind of target-specific reconnaissance in order to find out all the above information.\nThe version of httpd as shipped in Red Hat Enterprise Linux 7 is affected by this flaw even if the upstream code was not, because the Unix Domain Socket support required to trigger the flaw was backported.\nThe version of httpd as shipped in Red hat Enterprise Linux 6 is not affected by this flaw because there is no support for Unix Domain Socket.\nThe flaw can be triggered only if mod_proxy is in use (e.g. ProxyPass, ReverseProxy is used in the httpd configuration files).", "threat_severity": "Important"}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object