6.3
CVE-2024-56196
- EPSS 0.07%
- Veröffentlicht 06.03.2025 12:15:35
- Zuletzt bearbeitet 07.05.2025 16:36:33
- Quelle security@apache.org
- CVE-Watchlists
- Unerledigt
Apache Traffic Server: ACL is not fully compatible with older versions
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 10.0.4, which fixes the issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ Traffic Server Version >= 10.0.0 < 10.0.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.222 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.3 | 2.8 | 3.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.