Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Tue, 01 Jul 2025 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.4 |
Tue, 01 Jul 2025 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream | |
Vendors & Products |
Redhat rhel Eus
|
|
References |
|
Tue, 24 Jun 2025 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Sat, 31 May 2025 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 |
Fri, 30 May 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::appstream | |
References |
|
Wed, 14 May 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10.0 | |
References |
|
Wed, 23 Apr 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 23 Apr 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 23 Apr 2025 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive should be replaced by the <Location> directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic. | |
Title | Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests | |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat jboss Core Services |
|
Weaknesses | CWE-863 | |
CPEs | cpe:/a:redhat:jboss_core_services:1 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat jboss Core Services |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-26T06:28:52.442Z
Reserved: 2024-10-23T14:03:44.421Z
Link: CVE-2024-10306

Updated: 2025-04-23T15:33:21.222Z

Status : Awaiting Analysis
Published: 2025-04-23T10:15:14.330
Modified: 2025-07-01T03:15:20.857
Link: CVE-2024-10306


No data.