Description

There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.

Remediation

References

CVE-2018-8004

Related Vulnerabilities

WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery (2.7.0)

WordPress Plugin HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)

WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28417)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14634)

Severity

Medium

Classification

CVE-2018-8004 CWE-444 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities