Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-53868)

Description

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4. Users are recommended to upgrade to version 9.2.10 or 10.0.5, which fixes the issue.

Remediation

References

Related Vulnerabilities

WordPress Plugin Ecommerce-Two Factor Authentication Cross-Site Scripting (1.0.4)

GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)

WordPress Plugin Google XML Sitemap for Videos Cross-Site Request Forgery (2.6.1)

Atlassian Jira CVE-2019-11583 Vulnerability (CVE-2019-11583)

Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4140)

Severity

High

Classification

CVE-2024-53868 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities