Severity
Medium
Analysis Summary
CVE-2024-56196 CVSS:6.3
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3.
CVE-2024-56195 CVSS:6.3
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3.
CVE-2024-38311 CVSS:6.3
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.
CVE-2024-56202 CVSS:4.3
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2024-56196
CVE-2024-56195
CVE-2024-38311
CVE-2024-56202
Affected Vendors
Affected Products
- Apache Traffic Server 10.0.0 - 10.0.3
- Apache Traffic Server 9.2.0 - 9.2.8
- Apache Traffic Server 8.0.0 - 8.1.11
Remediation
Refer to Apache Website for patch, upgrade, or suggested workaround information.