CVE-2024-40898

{"id": "CVE-2024-40898", "cveTags": [], "metrics": {}, "published": "2024-07-18T10:15:03.217", "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "source": "security@apache.org"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue.\u00a0"}, {"lang": "es", "value": "SSRF en el servidor Apache HTTP en Windows con mod_rewrite en el contexto de servidor/vhost, permite potencialmente filtrar hashes NTML a un servidor malicioso a trav\u00e9s de SSRF y solicitudes maliciosas. Se recomienda a los usuarios actualizar a la versi\u00f3n 2.4.62, que soluciona este problema."}], "lastModified": "2024-07-18T12:28:43.707", "sourceIdentifier": "security@apache.org"}