Apache – CVE-2022-22720

Description

Kayran has detected that the version of Apache HTTP Server in use is vulnerable to Inconsistent Interpretation of HTTP Requests, also known as ‘HTTP Request/Response Smuggling’ (CWE-444). This vulnerability is catalogued as CVE-2022-22720.

The version of Apache HTTP Server in use fails to close the inbound connection when errors are encountered while discarding the request body.
This exposes the server to HTTP Request Smuggling.

There’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To fix CVE-2022-22720, upgrade the version of Apache HTTP Server being used to 2.4.53 or higher.
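
An added example, not part of the original advisory or of Kayran's tooling: a Python triage that compares version banners (from a `Server` header or `httpd -v` output) against the 2.4.53 threshold given above. The host names and banners are constructed, and the code assumes the banner reflects the installed version.

```python
import re

# First fixed release, taken from the recommendation above.
FIXED = (2, 4, 53)

# Matches "Apache/2.4.52" in a Server header or in `httpd -v` output.
# "Apache" (ServerTokens Prod) and "Apache/2.4" (ServerTokens Minor)
# deliberately do not match: the patch level cannot be read from them.
_BANNER = re.compile(r"\bApache/(\d+)\.(\d+)\.(\d+)")


def classify(banner):
    """Return 'upgrade', 'ok' or 'unknown' for one banner string."""
    m = _BANNER.search(banner)
    if m is None:
        return "unknown"
    # Compare as integer tuples: as strings, "2.4.9" sorts after "2.4.53".
    version = tuple(int(part) for part in m.groups())
    return "upgrade" if version < FIXED else "ok"


def triage(inventory):
    """Group hosts by status; inventory maps host name -> banner."""
    result = {"upgrade": [], "ok": [], "unknown": []}
    for host, banner in sorted(inventory.items()):
        result[classify(banner)].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = {
    "web-01.example.internal": "Server version: Apache/2.4.52 (Ubuntu)",
    "web-02.example.internal": "Apache/2.4.53 (Unix) OpenSSL/1.1.1n",
    "web-03.example.internal": "Apache",
    "web-04.example.internal": "Apache/2.4.9 (Win64)",
    "web-05.example.internal": "Apache/2.4",
    "web-06.example.internal": "nginx/1.22.0",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(status, hosts)
```

Hosts reported as `unknown` need a check on the machine itself, and distribution packages may carry a backported fix under an older version string, so confirm `upgrade` results against the package changelog.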

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720

https://cwe.mitre.org/data/definitions/444.html
