Vulnerability Name:
CVE-2021-40438 (CCN-209526)
Assigned:
2021-09-16
Published:
2021-09-16
Updated:
2022-10-05
Summary:
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVSS v3 Severity:
9.0 Critical
(CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
)
7.8 High
(Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
9.0 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
)
7.8 High
(CCN Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
9.0 Critical
(REDHAT CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
)
7.8 High
(REDHAT Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
6.8 Medium
(CVSS v2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
7.6 High
(CCN CVSS v2 Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
High
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-918
Vulnerability Consequences:
Gain Access
References:
Source: MITRE
Type: CNA
CVE-2021-40438
Source: CCN
Type: Apache Web site
mod_proxy SSRF
Source: CONFIRM
Type: Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf
Source: XF
Type: UNKNOWN
apache-cve202140438-ssrf(209526)
Source: MISC
Type: Release Notes, Vendor Advisory
https://httpd.apache.org/security/vulnerabilities_24.html
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info
Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438
Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update
Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-dce7e7738e
Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-e3f6dd670d
Source: GENTOO
Type: Third Party Advisory
GLSA-202208-20
Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20211008-0004/
Source: CCN
Type: Cisco Security Advisory cisco-sa-apache-httpd-2.4.49-VWL69sWQ
Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021
Source: CISCO
Type: Third Party Advisory
20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021
Source: CCN
Type: CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCY
KNOWN EXPLOITED VULNERABILITIES CATALOG
Source: CCN
Type: ICSA-22-167-06
Siemens Apache HTTP Server (Update A)
Source: DEBIAN
Type: Third Party Advisory
DSA-4982
Source: CCN
Type: IBM Security Bulletin 6493841 (HTTP Server)
Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server
Source: CCN
Type: IBM Security Bulletin 6520016 (i)
Multiple vulnerabilities affect IBM HTTP Server (powered by Apache) for i
Source: CCN
Type: IBM Security Bulletin 6528442 (QRadar SIEM)
Apache HTTP Server as used in IBM QRadar SIEM is vulnerable to server-side request forgery (SSRF) (CVE-2021-40438)
Source: CCN
Type: IBM Security Bulletin 6541314 (Rational Build Forge)
IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-40438)
Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs
Source: CCN
Type: IBM Security Bulletin 6569913 (Security SiteProtector System)
IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities (CVE-2021-40438, CVE-2021-34798)
Source: CCN
Type: IBM Security Bulletin 6592963 (DS8880)
Vulnerabilities have been identified in Spring Framework, OpenSSL and Apache HTTP Server shipped with the DS8000 Hardware Management Console (HMC)
Source: CCN
Type: IBM Security Bulletin 6618947 (Aspera Faspex)
IBM Aspera Faspex 4.4.1 and earlier has addressed an Apache vulnerabilitiy (CVE-2021-40438)
Source: CCN
Type: IBM Security Bulletin 6952337 (Aspera Orchestrator)
IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)
Source: CCN
Type: Oracle CPUApr2022
Oracle Critical Patch Update Advisory - April 2022
Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Source: CCN
Type: Oracle CPUJan2022
Oracle Critical Patch Update Advisory - January 2022
Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html
Source: CONFIRM
Type: Third Party Advisory
https://www.tenable.com/security/tns-2021-17
Vulnerable Configuration:
Configuration 1
:
cpe:/a:apache:http_server:*:*:*:*:*:*:*:*
(Version <= 2.4.48)
Configuration 2
:
cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*
OR
cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Configuration 3
:
cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
OR
cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*
OR
cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Configuration 4
:
cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*
OR
cpe:/a:netapp:storagegrid:-:*:*:*:*:*:*:*
OR
cpe:/a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
Configuration 5
:
cpe:/o:f5:f5os:*:*:*:*:*:*:*:*
(Version >= 1.1.0 and <= 1.1.4)
OR
cpe:/o:f5:f5os:*:*:*:*:*:*:*:*
(Version >= 1.2.0 and <= 1.2.1)
Configuration 6
:
cpe:/a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
OR
cpe:/a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
OR
cpe:/a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
OR
cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
OR
cpe:/a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*
OR
cpe:/a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
OR
cpe:/a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
OR
cpe:/a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*
Configuration 7
:
cpe:/a:siemens:sinema_server:14.0:-:*:*:*:*:*:*
OR
cpe:/a:siemens:sinec-nms:*:*:*:*:*:*:*:*
Configuration RedHat 1
:
cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
Configuration RedHat 2
:
cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*
Configuration RedHat 3
:
cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
Configuration RedHat 4
:
cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
Configuration RedHat 5
:
cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
Configuration RedHat 6
:
cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
Configuration RedHat 7
:
cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:apache:http_server:2.4.0:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.1:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.2:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.3:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.4:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.7:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.6:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.9:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.10:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.12:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.18:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.20:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.17:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.23:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.29:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.25:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.26:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.27:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.28:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.39:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.41:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.43:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.46:*:*:*:*:*:*:*
OR
cpe:/a:apache:http_server:2.4.48:*:*:*:*:*:*:*
AND
cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*
OR
cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_siteprotector_system:3.1.1:*:*:*:*:*:*:*
OR
cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
OR
cpe:/a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
OR
cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
OR
cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
OR
cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:*
Denotes that component is vulnerable
Oval Definitions
Definition ID
Class
Title
Last Modified
oval:org.opensuse.security:def:8063
P
rpm-build-4.14.3-150300.55.1 on GA media (Moderate)
2023-06-20
oval:org.opensuse.security:def:7996
P
build-20230215-150200.15.1 on GA media (Moderate)
2023-06-20
oval:org.opensuse.security:def:7489
P
elfutils-0.185-150400.5.3.1 on GA media (Moderate)
2023-06-12
oval:org.opensuse.security:def:7434
P
apache2-2.4.51-150400.6.11.1 on GA media (Moderate)
2023-06-12
oval:org.opensuse.security:def:51968
P
Security update for python3 (Important)
2022-11-29
oval:org.opensuse.security:def:796
P
Security update for libgit2 (Important)
2022-10-04
oval:org.opensuse.security:def:95419
P
Security update for drbd (Important)
2022-08-03
oval:org.opensuse.security:def:3463
P
cups-1.7.5-20.23.1 on GA media (Moderate)
2022-06-28
oval:org.opensuse.security:def:3510
P
groff-1.22.2-5.287 on GA media (Moderate)
2022-06-28
oval:org.opensuse.security:def:3697
P
libvirt-5.1.0-11.10 on GA media (Moderate)
2022-06-28
oval:org.opensuse.security:def:94492
P
apache2-2.4.51-150400.4.6 on GA media (Moderate)
2022-06-22
oval:org.opensuse.security:def:95093
P
apache2-devel-2.4.51-150400.4.6 on GA media (Moderate)
2022-06-22
oval:org.opensuse.security:def:2862
P
apache2-2.4.51-150400.4.6 on GA media (Moderate)
2022-06-22
oval:org.opensuse.security:def:94622
P
libXxf86vm-devel-1.1.4-1.23 on GA media (Moderate)
2022-06-22
oval:org.opensuse.security:def:100057
P
(Moderate)
2022-03-30
oval:org.opensuse.security:def:98958
P
Security update for conmon, libcontainers-common, libseccomp, podman (Moderate)
2022-03-04
oval:org.opensuse.security:def:99746
P
(Critical)
2022-02-11
oval:org.opensuse.security:def:111117
P
Security update for apache2 (Important)
2021-11-02
oval:org.opensuse.security:def:100672
P
(Important)
2021-10-26
oval:org.opensuse.security:def:101335
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:64599
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:117515
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:108798
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:76028
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:1488
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:99689
P
(Important)
2021-10-26
oval:org.opensuse.security:def:6211
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:68578
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:102068
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:102132
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:64786
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:118529
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:109433
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:76368
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:96077
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:1640
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:100007
P
(Important)
2021-10-26
oval:org.opensuse.security:def:69085
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:73721
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:102216
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:102767
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:66960
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:100343
P
(Important)
2021-10-26
oval:org.opensuse.security:def:69152
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:108001
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:73908
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:111763
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:99154
P
(Important)
2021-10-26
oval:org.opensuse.security:def:5871
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:67300
P
Security update for apache2 (Important)
2021-10-26
oval:org.opensuse.security:def:99153
P
(Important)
2021-10-25
oval:com.redhat.rhsa:def:20213856
P
RHSA-2021:3856: httpd security update (Important)
2021-10-14
oval:org.opensuse.security:def:106237
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:10161
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:92398
P
Security update for apache2 (Important)
2021-10-12
oval:com.redhat.rhsa:def:20213816
P
RHSA-2021:3816: httpd:2.4 security update (Important)
2021-10-12
oval:org.opensuse.security:def:69547
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:105648
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:9407
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:70488
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:99547
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:106436
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:10348
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:92597
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:8660
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:69738
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:105843
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:9598
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:92008
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:106723
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:92796
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:8847
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:69937
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:106038
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:9797
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:92203
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:9042
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:70301
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:99348
P
Security update for apache2 (Important)
2021-10-12
oval:org.opensuse.security:def:32199
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:58842
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:87483
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:126780
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:23980
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:83342
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:34556
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:89462
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:30255
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:57106
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:85747
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:33019
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:59549
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:88201
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:127177
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:26142
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:55255
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:83462
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:31283
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:57514
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:86155
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:33726
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:59807
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:88518
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:29432
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:55958
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:84220
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:31691
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:58022
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:86663
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:125613
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:23685
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:51673
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:82639
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:33984
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:60379
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:89204
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:30135
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:56078
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:84679
P
Security update for apache2 (Important)
2021-10-06
oval:org.opensuse.security:def:5129
P
Security update for apache2 (Important)
2021-10-06
BACK
apache
http server *
fedoraproject
fedora 34
fedoraproject
fedora 35
debian
debian linux 9.0
debian
debian linux 10.0
debian
debian linux 11.0
netapp
cloud backup -
netapp
storagegrid -
netapp
clustered data ontap -
f5
f5os *
f5
f5os *
oracle
http server 12.2.1.3.0
oracle
instantis enterprisetrack 17.1
oracle
instantis enterprisetrack 17.2
oracle
instantis enterprisetrack 17.3
oracle
http server 12.2.1.4.0
oracle
enterprise manager ops center 12.4.0.0
oracle
zfs storage appliance kit 8.8
oracle
secure global desktop 5.6
siemens
sinema server 14.0 -
siemens
sinec-nms *
apache
http server 2.4.0
apache
http server 2.4.1
apache
http server 2.4.2
apache
http server 2.4.3
apache
http server 2.4.4
apache
http server 2.4.7
apache
http server 2.4.6
apache
http server 2.4.9
apache
http server 2.4.10
apache
http server 2.4.12
apache
http server 2.4.18
apache
http server 2.4.20
apache
http server 2.4.17
apache
http server 2.4.23
apache
http server 2.4.29
apache
http server 2.4.33
apache
http server 2.4.25
apache
http server 2.4.26
apache
http server 2.4.27
apache
http server 2.4.28
apache
http server 2.4.34
apache
http server 2.4.35
apache
http server 2.4.37
apache
http server 2.4.39
apache
http server 2.4.41
apache
http server 2.4.43
apache
http server 2.4.46
apache
http server 2.4.48
ibm
rational build forge 8.0
ibm
i 7.2
ibm
security siteprotector system 3.1.1
ibm
i 7.3
oracle
http server 12.2.1.3.0
ibm
qradar security information and event manager 7.3
ibm
i 7.4
ibm
qradar security information and event manager 7.4 -
ibm
cloud pak for security 1.7.2.0
ibm
aspera faspex 4.4.1
Denotes that component is vulnerable