Apache Traffic Server Vulnerability: Unchecked Return Value Can Retain Privileges
CVE-2024-50306

Currently unrated

Key Information:

Vendor
Apache
Status
Apache Traffic Server
Vendor
CVE Published:
14 November 2024

Summary

Unchecked return value can allow Apache Traffic Server to retain privileges on startup.

This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.

Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.

Affected Version(s)

Apache Traffic Server 9.2.0 <= 9.2.5

Apache Traffic Server 10.0.0 <= 10.0.1

References

https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh...
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jeffrey BENCTEUX
.