HomePentest-Tools.com Logo

Apache Traffic Server (ATS) Host Header and Line Folding Security Bypass Vulnerability CVE-2017-5660

Severity
CVSSv3 Score
8.6
Vulnerability description

Apache Traffic Server is prone to a security bypass vulnerability.

Risk description

The flaw exists due to an error in Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used. Successful exploitation will allow remote attackers to gain unauthorized access to certain resources. This may aid in further attacks.

Recommendation

Upgrade to 6.2.2, 7.1.2 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 27, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available