HTTP Header Configuration Issue in Apple OS X Server
CVE-2015-7031

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X Server
Vendor: CVE Published:; 23 October 2015

Summary

The Web Service component in Apple OS X Server versions prior to 5.0.15 is vulnerable due to a misconfiguration of HTTP headers. This flaw can allow remote attackers to bypass intended access restrictions, potentially leading to unauthorized access. Addressing this vulnerability is crucial to maintain the security and integrity of affected systems.

References

http://lists.apple.com/archives/security-announce/2015/Oc...

vendor-advisoryx_refsource_APPLE

https://support.apple.com/HT205376

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033933

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 23, 2015
Vulnerability Reserved
Sep 16, 2015