/

CVE-2023-25690 Report - Details, Severity, & Advisorie...

CVE-2023-25690 Report - Details, Severity, & Advisories

Twingate Team

Apr 4, 2024

A critical vulnerability, CVE-2023-25690, has been identified in some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. This vulnerability allows an HTTP Request Smuggling attack, which could result in bypassing access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. The severity of this vulnerability is rated as 9.8 CRITICAL. Systems running Apache HTTP Server versions 2.4.0 through 2.4.55 with certain mod_proxy configurations are affected.

How do I know if I'm affected?

If you're using Apache HTTP Server versions 2.4.0 through 2.4.55 with mod_proxy enabled and certain RewriteRule or ProxyPassMatch configurations, you may be affected by the vulnerability. This critical vulnerability allows an HTTP Request Smuggling attack, which could lead to bypassing access controls, proxying unintended URLs, and cache poisoning. To determine if you're affected, check your server's version and mod_proxy configurations. Upgrading to at least version 2.4.56 of Apache HTTP Server is recommended to address this issue.

What should I do if I'm affected?

If you're affected by the vulnerability, it's crucial to take action. First, update your Apache HTTP Server to at least version 2.4.56. Review your mod_proxy configurations and make necessary adjustments. Stay informed about new vulnerabilities and maintain regular software updates to ensure your system's security.

Is CVE-2023-25690 in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, CVE-2023-25690 is in CISA's Known Exploited Vulnerabilities Catalog. This vulnerability, which affects some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55, allows an HTTP Request Smuggling attack. Although the specific date added and due date are not provided, users are advised to update their Apache HTTP Server to at least version 2.4.56 to address this issue.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-444, which refers to inconsistent interpretation of HTTP requests, leading to HTTP Request Smuggling attacks. This vulnerability affects some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55.

For more details

CVE-2023-25690 is a critical vulnerability affecting some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. To ensure your system's security, it's essential to update to at least version 2.4.56 and review mod_proxy configurations. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-25690 Report - Details, Severity, & Advisorie...

CVE-2023-25690 Report - Details, Severity, & Advisories

Twingate Team

Apr 4, 2024

A critical vulnerability, CVE-2023-25690, has been identified in some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. This vulnerability allows an HTTP Request Smuggling attack, which could result in bypassing access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. The severity of this vulnerability is rated as 9.8 CRITICAL. Systems running Apache HTTP Server versions 2.4.0 through 2.4.55 with certain mod_proxy configurations are affected.

How do I know if I'm affected?

If you're using Apache HTTP Server versions 2.4.0 through 2.4.55 with mod_proxy enabled and certain RewriteRule or ProxyPassMatch configurations, you may be affected by the vulnerability. This critical vulnerability allows an HTTP Request Smuggling attack, which could lead to bypassing access controls, proxying unintended URLs, and cache poisoning. To determine if you're affected, check your server's version and mod_proxy configurations. Upgrading to at least version 2.4.56 of Apache HTTP Server is recommended to address this issue.

What should I do if I'm affected?

If you're affected by the vulnerability, it's crucial to take action. First, update your Apache HTTP Server to at least version 2.4.56. Review your mod_proxy configurations and make necessary adjustments. Stay informed about new vulnerabilities and maintain regular software updates to ensure your system's security.

Is CVE-2023-25690 in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, CVE-2023-25690 is in CISA's Known Exploited Vulnerabilities Catalog. This vulnerability, which affects some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55, allows an HTTP Request Smuggling attack. Although the specific date added and due date are not provided, users are advised to update their Apache HTTP Server to at least version 2.4.56 to address this issue.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-444, which refers to inconsistent interpretation of HTTP requests, leading to HTTP Request Smuggling attacks. This vulnerability affects some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55.

For more details

CVE-2023-25690 is a critical vulnerability affecting some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. To ensure your system's security, it's essential to update to at least version 2.4.56 and review mod_proxy configurations. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-25690 Report - Details, Severity, & Advisories

Twingate Team

Apr 4, 2024

A critical vulnerability, CVE-2023-25690, has been identified in some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. This vulnerability allows an HTTP Request Smuggling attack, which could result in bypassing access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. The severity of this vulnerability is rated as 9.8 CRITICAL. Systems running Apache HTTP Server versions 2.4.0 through 2.4.55 with certain mod_proxy configurations are affected.

How do I know if I'm affected?

If you're using Apache HTTP Server versions 2.4.0 through 2.4.55 with mod_proxy enabled and certain RewriteRule or ProxyPassMatch configurations, you may be affected by the vulnerability. This critical vulnerability allows an HTTP Request Smuggling attack, which could lead to bypassing access controls, proxying unintended URLs, and cache poisoning. To determine if you're affected, check your server's version and mod_proxy configurations. Upgrading to at least version 2.4.56 of Apache HTTP Server is recommended to address this issue.

What should I do if I'm affected?

If you're affected by the vulnerability, it's crucial to take action. First, update your Apache HTTP Server to at least version 2.4.56. Review your mod_proxy configurations and make necessary adjustments. Stay informed about new vulnerabilities and maintain regular software updates to ensure your system's security.

Is CVE-2023-25690 in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, CVE-2023-25690 is in CISA's Known Exploited Vulnerabilities Catalog. This vulnerability, which affects some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55, allows an HTTP Request Smuggling attack. Although the specific date added and due date are not provided, users are advised to update their Apache HTTP Server to at least version 2.4.56 to address this issue.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-444, which refers to inconsistent interpretation of HTTP requests, leading to HTTP Request Smuggling attacks. This vulnerability affects some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55.

For more details

CVE-2023-25690 is a critical vulnerability affecting some mod\_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55. To ensure your system's security, it's essential to update to at least version 2.4.56 and review mod_proxy configurations. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.