Apache – CVE-2022-22721

Description

Cytrix has detected that the version of Apache HTTP Server in use has an ‘Integer Overflow or Wraparound’ vulnerability (CWE-190), also known as CVE-2022-22721.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value.

When LimitXMLRequestBody is set to allow request bodies larger than 350MB (it defaults to 1M) on 32-bit systems, an integer overflow occurs, which later causes out-of-bounds writes.

There’s a chance that this vulnerability will allow attackers to modify system files and information. Also, it could cause a decrease in performance and interruptions in the availability of resources.

Recommendation

To fix CVE-2022-22721, upgrade the version of Apache HTTP Server being used to 2.4.53.
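To decide which hosts to upgrade first, the three conditions named above (a release before 2.4.53, a 32-bit build, and a LimitXMLRequestBody above 350MB) can be checked together. The following is an added example, not Cytrix's or Apache's code; the function names, the sample configuration and the exact byte value used for "350MB" are assumptions.

```python
import re

FIXED = (2, 4, 53)               # fixed release named in the recommendation
THRESHOLD = 350 * 1024 * 1024    # "350MB" from the description; byte value is an assumption

_DIRECTIVE = re.compile(r"^\s*LimitXMLRequestBody\s+(\S+)", re.IGNORECASE)
_VERSION = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")


def parse_version(banner):
    """Extract (major, minor, patch) from `httpd -v` output or a Server header."""
    m = _VERSION.search(banner)
    if not m:
        raise ValueError("no Apache version in banner: %r" % banner)
    return tuple(int(x) for x in m.groups())


def risky_limits(conf_text):
    """Return [(line_no, value)] for LimitXMLRequestBody settings above the threshold."""
    hits = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        m = _DIRECTIVE.match(line)   # commented-out lines start with '#', so they never match
        if not m:
            continue
        try:
            value = int(m.group(1))
        except ValueError:
            continue                 # malformed value; httpd rejects it at startup
        # Before 2.4.53 a value of 0 disables the size check, so treat it as unbounded.
        if value == 0 or value > THRESHOLD:
            hits.append((no, value))
    return hits


def audit(banner, conf_text, is_32bit):
    """Report exposure only when version, word size and limit all line up."""
    version = parse_version(banner)
    hits = risky_limits(conf_text)
    exposed = version < FIXED and is_32bit and bool(hits)
    return {"version": version, "exposed": exposed, "lines": hits}


# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """\
# LimitXMLRequestBody 999999999
<Location "/dav">
    limitxmlrequestbody 524288000
</Location>
LimitXMLRequestBody 1000000
"""

if __name__ == "__main__":
    print(audit("Server version: Apache/2.4.52 (Unix)", SAMPLE_CONF, is_32bit=True))
```

Run it against the concatenated main configuration and every included file, since the directive can also appear in virtual host, directory and .htaccess context.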

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721

https://cwe.mitre.org/data/definitions/190.html
