Apache – CVE-2022-28615

Description

Cytrix has detected that the version of Apache HTTP Server being used is vulnerable to an information disclosure and denial of service (DoS) issue, also known as CVE-2022-28615.

An attacker could trigger a read beyond bounds in ap_strcmp_match() by providing an extremely large input buffer.
While no code distributed with the server can be coerced into such a call, third-party modules or Lua scripts that use ap_strcmp_match() may potentially be affected.

This will cause a decrease in performance and interruptions in the availability of resources.

Severity/Score

CVSS Version 3.x – 9.1 Critical

Recommendation

To fix CVE-2022-28615, upgrade the version of Apache Server being used to 2.4.54.
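
The following triage helper is an added example, not Cytrix or Apache code. It compares a version banner (a `Server:` header or `httpd -v` output) against 2.4.54 and lists the lines where a Lua script calls `strcmp_match`, the name under which mod_lua exposes ap_strcmp_match() to scripts. The sample banners and the Lua script are constructed for illustration.

```python
import re

FIXED = (2, 4, 54)  # release named in the recommendation above
VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")
LUA_CALL_RE = re.compile(r"\bstrcmp_match\s*\(")

# Constructed sample inputs (not taken from any real host).
SAMPLE_BANNERS = [
    "Server: Apache/2.4.53 (Unix) OpenSSL/1.1.1n",
    "Server version: Apache/2.4.54 (Debian)",
    "Server: Apache",  # version hidden, e.g. by ServerTokens Prod
]
SAMPLE_LUA = """function handle(r)
    -- old check: r:strcmp_match(r.uri, "*.txt")
    if r:strcmp_match(r.unparsed_uri, "/files/*.txt") then
        r:puts("match")
    end
    return apache2.OK
end
"""


def parse_version(banner):
    """Return (major, minor, patch) from a banner, or None if absent."""
    m = VERSION_RE.search(banner)
    return tuple(int(g) for g in m.groups()) if m else None


def needs_upgrade(banner):
    """True below 2.4.54, False at or above it, None if version is hidden."""
    version = parse_version(banner)
    return None if version is None else version < FIXED


def lua_call_sites(source):
    """Return 1-based line numbers where Lua code calls strcmp_match()."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = line.split("--", 1)[0]  # crude: drops all text after "--"
        if LUA_CALL_RE.search(code):
            hits.append(lineno)
    return hits


if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(f"{banner!r}: needs_upgrade={needs_upgrade(banner)}")
    print("strcmp_match call sites at lines:", lua_call_sites(SAMPLE_LUA))
```

Distribution packages often backport fixes without changing the upstream version number, so a `True` result is a prompt to check the vendor's advisory rather than proof of exposure.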

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615

https://cwe.mitre.org/data/definitions/190.html
