SB2024092312 - Multiple vulnerabilities in F5 Traffix SDC Apache HTTPD component

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024092312

SB2024092312 - Multiple vulnerabilities in F5 Traffix SDC Apache HTTPD component

Published: September 23, 2024 Updated: December 13, 2024

Security Bulletin ID SB2024092312
Severity
High
Patch available
NO
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 25% Medium 50% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2024-38474)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in mod_rewrite when parsing encoded question marks in backreferences. A remote attacker can execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.


2) Input validation error (CVE-ID: CVE-2024-38475)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in mod_rewrite when first segment of substitution matches filesystem path. A remote attacker can map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL and view contents of files or execute arbitrary code.


3) Input validation error (CVE-ID: CVE-2024-38473)

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to insufficient validation of user-supplied input when handling incorrect encoding in mod_proxy. A remote attacker can force the web server to pass request URLs with incorrect encoding to backend services.


4) Use-after-free (CVE-ID: CVE-2022-2586)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the netfilter subsystem implementation in Linux kernel when preventing one nft object from referencing an nft set in another nft table. A local user can trigger a use-after-free error and execute arbitrary code on the system with elevated privileges.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References