Description

When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.

Remediation

References

CVE-2018-8005

Related Vulnerabilities

Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962)

MySQL CVE-2015-4791 Vulnerability (CVE-2015-4791)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2327)

Joomla Numeric Errors Vulnerability (CVE-2008-4102)

Severity

Medium

Classification

CVE-2018-8005 CWE-400 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Tags

Missing Update Known Vulnerabilities