Description

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-27577

Related Vulnerabilities

WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots Cross-Site Scripting (6.61)

WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)

Joomla! Core 1.6.x Security Bypass (1.6.0 - 1.6.3)

Oracle Application Server Other Vulnerability (CVE-2007-2122)

WordPress Plugin VideoWhisper Video Conference Integration Arbitrary File Upload (4.91.8)

Severity

High

Classification

CVE-2021-27577 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities