Description
Cytrix has detected that the Version of Apache HTTP Server being used has a Bypass restriction vulnerability. Also known as CVE-2021-33193.
A crafted method sent through HTTP/2 will bypass the validation process, and forwarded by mod_proxy.
That, could lead to request splitting or cache poisoning.
There’s a chance that this vulnerability will allow attackers to modify system files and information.
Recommendation
To fix CVE-2021-33193, upgrade the version of Apache HTTP Server being used to 2.4.49.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193