Apache Traffic Server Vulnerable to Request Smuggling and Cache Poisoning via Malformed HTTP Chunked Trailers
CVE-2024-35161

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Traffic Server
Vendor: CVE Published:; 26 July 2024

Summary

The Apache Traffic Server has a vulnerability that allows it to forward malformed HTTP chunked trailer sections to the origin servers. This improperly handled input can be exploited for request smuggling attacks and introduces the risk of cache poisoning when the origin servers are not properly secured. The affected versions range from 8.0.0 to 8.1.10 and from 9.0.0 to 9.2.4. Users are strongly advised to implement the configuration setting 'proxy.config.http.drop_chunked_trailers' to mitigate this risk and upgrade to versions 8.1.11 or 9.2.5, which provide the necessary fixes.

Affected Version(s)

Apache Traffic Server 8.0.0 <= 8.1.10

Apache Traffic Server 9.0.0 <= 9.2.4

References

https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543g...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 26, 2024
Vulnerability Reserved
May 9, 2024

Credit

Keran Mu