CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Information

Published : 2022-06-09 10:15

Updated : 2022-08-19 05:54


NVD link : CVE-2022-31813

Mitre link : CVE-2022-31813


JSON object : View

CWE
CWE-345

Insufficient Verification of Data Authenticity

Advertisement

dedicated server usa

Products Affected

apache

  • http_server

netapp

  • clustered_data_ontap

fedoraproject

  • fedora