CVE-2014-3624
published 2017-10-30CVE-2014-3624: Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_server | — | — |
| debian | trafficserver | < trafficserver 5.0.0-1 (bookworm) | trafficserver 5.0.0-1 (bookworm) |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL