Apache 2.4.17 / 2.4.18 mod_http2 Denial of Service
Medium Web Application Scanning Plugin ID 98917
SynopsisApache 2.4.17 / 2.4.18 mod_http2 Denial of Service
DescriptionAccording to its banner, the version of Apache running on the remote host is either 2.4.17 or 2.4.18. It is, therefore, affected by a denial of service vulnerability in the module for the HTTP/2 protocol due to thread starvation.
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Apache version 2.4.20 or later.