Vulnerability in Apache HTTP Server Could Leak NTML Hashes to Malicious Servers
CVE-2024-40898

7.5HIGH

Key Information:

Vendor
Apache
Status
Apache Http Server
Vendor
CVE Published:
18 July 2024

Badges

đź“° News Worthy

Summary

An SSRF vulnerability exists in the Apache HTTP Server on Windows platforms, particularly when utilizing the mod_rewrite module within server or virtual host contexts. This security flaw may enable malicious actors to craft specific requests that could lead to the exposure of NTLM hashes to an external server. To mitigate this risk, users are highly encouraged to upgrade to Apache HTTP Server version 2.4.62 or later, which addresses this vulnerability effectively.

Affected Version(s)

Apache HTTP Server 2.4.0 <= 2.4.61

News Articles

favicon imageTechRadar

These vulnerabilities in Apache HTTP Server enable HTTP Request Smuggling and SSL Authentication Bypass, posing severe threats to organizations worldwide

PoC exploit codes are available for both vulnerabilities

4 months ago

favicon imagecyfirma

CVE-2024-40725 and CVE-2024-40898 Vulnerabilities in Apache’s HTTP Server : Vulnerability Analysis and Exploitation - CYFIRMA

Published On : 2024-09-11 EXECUTIVE SUMMARY CVE-2024-40725 and CVE-2024-40898 are vulnerabilities in Apache’s HTTP Server. CVE-2024-40725 affects the mod_proxy module, where enabling the ProxyPass...

5 months ago

References

https://httpd.apache.org/security/vulnerabilities_24.html
vendor-advisory

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by cyfirma

  • Vulnerability published

  • Vulnerability Reserved

Credit

Smi1e (DBAPPSecurity Ltd.)
xiaojunjie (DBAPPSecurity Ltd.)
.