Description

ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.

Remediation

References

CVE-2020-17509

Related Vulnerabilities

Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21686)

WordPress Plugin Nextend Google Connect Cross-Site Scripting (1.5.2)

WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7117)

Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)

WordPress Plugin Login Logout Menu Cross-Site Scripting (1.3.3)

Severity

High

Classification

CVE-2020-17509 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities