Apache – CVE-2019-10098

Description

Cytrix has detected that the version of Apache HTTP Server being used is vulnerable to Phishing
attacks and client-side attacks on browsers. Also known as CVE-2019-10098.

in mod_rewrite, certain self-referential mod_rewrite rules could be fooled by encoded newlines.
That will cause them to redirect users to an unexpected URL within the URL found in the request.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2019-10098, upgrade the version of Apache Server being used to 2.4.41.

References

https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
https://cwe.mitre.org/data/definitions/601.html

Possible Social Security Number Disclosure

Description Cytrix has possibly detected a Social Security Number in your system. That means that...

Possible Credit Card Number Disclosure

Description Cytrix has possibly detected a Credit Card Number in your system. This exposure can...

Internal IP Disclosure

Description Cytrix has detected an internal IPv4 address in your system. Internal IP Disclosure...

External IP Disclosure

Description Cytrix has detected an external IPv4 address in your system. External IP Disclosure...