Detections
Analytics
Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF
critical Nessus Plugin ID 156255
Language:
Synopsis
The remote web server is affected by a denial of service or server-side request forgery vulnerability.Description
The version of Apache httpd installed on the remote host is equal to or greater than 2.4.7 and prior to 2.4.52.It is, therefore, affected by a flaw related to acting as a forward proxy.
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Apache version 2.4.52 or later.Plugin Details
Severity: Critical
ID: 156255
File Name: apache_2_4_52.nasl
Version: 1.10
Type: combined
Agent: windows, macosx, unix
Family: Web Servers
Published: 12/23/2021
Updated: 11/22/2023
Configuration: Enable thorough checks
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2021-44790
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:apache:httpd, cpe:/a:apache:http_server
Required KB Items: installed_sw/Apache
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/20/2021
Vulnerability Publication Date: 11/18/2021
Reference Information
CVE: CVE-2021-44224, CVE-2021-44790
IAVA: 2021-A-0604-S