{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-39573", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2024-06-25T17:13:46.679Z", "datePublished": "2024-07-01T18:16:44.297Z", "dateUpdated": "2024-09-13T17:05:01.124Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "2.4.59", "status": "affected", "version": "2.4.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Orange Tsai (@orange_8361) from DEVCORE"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.<br>Users are recommended to upgrade to version 2.4.60, which fixes this issue."}], "value": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-07-01T18:16:44.297Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"url": "https://security.netapp.com/advisory/ntap-20240712-0001/"}], "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2024-04-01T12:00:00.000Z", "value": "reported"}], "title": "Apache HTTP Server: mod_rewrite proxy handler substitution", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "apache", "product": "http_server", "cpes": ["cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.4.0", "status": "affected", "lessThanOrEqual": "2.4.59", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-01T20:41:48.835121Z", "id": "CVE-2024-39573", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-01T20:44:44.754Z"}}, {"title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/11"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-13T17:05:01.124Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/01/11"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-13T17:05:01.124Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-39573", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-01T20:41:48.835121Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*"], "vendor": "apache", "product": "http_server", "versions": [{"status": "affected", "version": "2.4.0", "versionType": "custom", "lessThanOrEqual": "2.4.59"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-01T20:44:36.627Z"}}], "cna": {"title": "Apache HTTP Server: mod_rewrite proxy handler substitution", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Orange Tsai (@orange_8361) from DEVCORE"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache HTTP Server", "versions": [{"status": "affected", "version": "2.4.0", "versionType": "semver", "lessThanOrEqual": "2.4.59"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-01T12:00:00.000Z", "value": "reported"}], "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["vendor-advisory"]}, {"url": "https://security.netapp.com/advisory/ntap-20240712-0001/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "supportingMedia": [{"type": "text/html", "value": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.<br>Users are recommended to upgrade to version 2.4.60, which fixes this issue.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-07-01T18:16:44.297Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39573", "state": "PUBLISHED", "dateUpdated": "2024-09-13T17:05:01.124Z", "dateReserved": "2024-06-25T17:13:46.679Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2024-07-01T18:16:44.297Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue."}, {"lang": "es", "value": "El potencial SSRF en mod_rewrite en Apache HTTP Server 2.4.59 y versiones anteriores permite a un atacante provocar que RewriteRules inseguras configuren inesperadamente URL para que sean manejadas por mod_proxy. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.4.60, que soluciona este problema."}], "id": "CVE-2024-39573", "lastModified": "2024-07-12T14:15:16.400", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-01T19:15:05.760", "references": [{"source": "security@apache.org", "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "security@apache.org", "url": "https://security.netapp.com/advisory/ntap-20240712-0001/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-httpd-0:2.4.57-13.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_http2-0:1.15.19-41.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_md-1:2.4.24-11.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_security-0:2.9.3-40.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-httpd-0:2.4.57-13.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_http2-0:1.15.19-41.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_jk-0:1.2.49-11.redhat_1.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_md-1:2.4.24-11.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_proxy_cluster-0:1.3.20-8.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5239", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_security-0:2.9.3-40.el7jbcs", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:4720", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "httpd:2.4-8100020240712114234.489197e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:4726", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "httpd-0:2.4.57-11.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:5001", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "httpd-0:2.4.53-11.el9_2.10", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-06T00:00:00Z"}, {"advisory": "RHSA-2024:5240", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "jbcs-httpd24-httpd", "product_name": "Red Hat JBoss Core Services 1", "release_date": "2024-08-13T00:00:00Z"}], "bugzilla": {"description": "httpd: Potential SSRF in mod_rewrite", "id": "2295022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-20", "details": ["Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-39573", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat JBoss Core Services"}], "public_date": "2024-07-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39573\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39573\nhttps://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-39573"], "statement": "This issue only affects configurations with unsafe rules used in the RewriteRule directive.\nAdditionally, this flaw requires mod_rewrite and mod_proxy to be loaded and being used. These modules can be disabled via the configuration file if their functionality are not needed.\nRed Hat Enterprise Linux 6 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of httpd.", "threat_severity": "Moderate"}