Description

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-27577

Related Vulnerabilities

Oracle JRE CVE-2013-0433 Vulnerability (CVE-2013-0433)

Zope Web Application Server Other Vulnerability (CVE-2002-0170)

MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474)

Jenkins Improper Access Control Vulnerability (CVE-2015-5325)

Envoy Proxy Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-8660)

Severity

High

Classification

CVE-2021-27577 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities