CVERadar

CVE-2024-38477

Critical Severity
Apache
SVRS
73/100

CVSSv3
7.5/10

EPSS
0.01465/1

CVE-2024-38477: Apache HTTP Server mod_proxy vulnerability allows denial of service! A null pointer dereference in Apache HTTP Server versions 2.4.59 and earlier can be exploited by an attacker sending a malicious request, leading to a server crash. The recommended action is to upgrade to version 2.4.60, which addresses this critical issue. With a SOCRadar Vulnerability Risk Score (SVRS) of 73, this CVE indicates a significant risk, though not critical, demanding prompt review and patching. The presence of active exploits amplifies the risk. Successful exploitation can cause service disruption and potential data loss.

In The Wild
Exploit Available
Vendor-advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2025-03-18

2024-07-01
SOCRadar AI Insight

Description

CVE-2024-38477 is a null pointer dereference vulnerability in mod_proxy in Apache HTTP Server 2.4.59 and earlier. This vulnerability allows an attacker to crash the server via a malicious request. The CVSS score for this vulnerability is 0, indicating a low severity. However, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a moderate risk. This is because the SVRS takes into account additional factors, such as social media chatter, news articles, and code repositories, which indicate that this vulnerability is being actively discussed and exploited.

Key Insights

  • This vulnerability is actively exploited in the wild, meaning that hackers are using it to attack systems.
  • The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.
  • This vulnerability is relatively easy to exploit, making it a high-risk threat for organizations that use Apache HTTP Server.
  • The vulnerability affects all versions of Apache HTTP Server 2.4.59 and earlier.

Mitigation Strategies

  • Upgrade to Apache HTTP Server version 2.4.60 or later.
  • Apply the patch provided by Apache.
  • Disable mod_proxy if it is not needed.
  • Use a web application firewall (WAF) to block malicious requests.
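A defender-side check for the first and third mitigations, added here as an example and not part of the CVE Radar page or the Apache project: it parses the output of `httpd -v` and `httpd -M` (the sample output below is constructed, not captured from a real host), compares the version against the fixed release 2.4.60 named in the advisory, and reports whether mod_proxy is actually loaded.

```python
import re

# First release that fixes CVE-2024-38477 according to the Apache advisory.
FIXED_VERSION = (2, 4, 60)

# Constructed sample output in the format of `httpd -v` and `httpd -M`.
SAMPLE_VERSION_OUTPUT = (
    "Server version: Apache/2.4.59 (Unix)\n"
    "Server built:   Apr  4 2024 10:00:00\n"
)
SAMPLE_MODULES_OUTPUT = (
    "Loaded Modules:\n"
    " core_module (static)\n"
    " so_module (static)\n"
    " proxy_module (shared)\n"
    " proxy_http_module (shared)\n"
)


def parse_httpd_version(text):
    """Return (major, minor, patch) from `httpd -v` output, or None if absent."""
    m = re.search(r"Server version:\s*Apache/(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None


def loaded_modules(text):
    """Return the set of module names listed by `httpd -M`."""
    return set(re.findall(r"^\s*(\w+_module)\s+\((?:static|shared)\)", text, re.M))


def assess(version_output, modules_output):
    """Classify a host: patched, exposed, vulnerable build without mod_proxy, or unknown."""
    ver = parse_httpd_version(version_output)
    if ver is None:
        return {"status": "unknown", "reason": "could not parse version"}
    # The advisory lists 2.4.0 through 2.4.59 as affected; other branches are out of scope here.
    if ver[:2] != (2, 4):
        return {"status": "out-of-scope", "version": ver}
    proxy_loaded = "proxy_module" in loaded_modules(modules_output)
    if ver >= FIXED_VERSION:
        status = "patched"
    elif proxy_loaded:
        status = "exposed"            # vulnerable build and mod_proxy active
    else:
        status = "vulnerable-build-mod_proxy-not-loaded"
    return {"status": status, "version": ver, "mod_proxy_loaded": proxy_loaded}


if __name__ == "__main__":
    print(assess(SAMPLE_VERSION_OUTPUT, SAMPLE_MODULES_OUTPUT))
```

Distribution packages (the USN-6885 updates listed below, for example) may backport the fix without changing the upstream version string, so treat an "exposed" result on a distro build as a prompt to check the package changelog rather than a final verdict.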

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
mrmtwoj/apache-vulnerability-testing | https://github.com/mrmtwoj/apache-vulnerability-testing | 2024-10-05

News

CVE-2024-38477 | Apache HTTP Server up to 2.4.59 mod_proxy denial of service (Nessus ID 209779)
vuldb.com, 2024-10-29
CVE-2024-38477 | Apache HTTP Server up to 2.4.59 mod_proxy denial of service (Nessus ID 209779) | A vulnerability was found in Apache HTTP Server up to 2.4.59. It has been rated as problematic. This issue affects some unknown processing of the component mod_proxy. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-38477. The attack may
Critical Apache HTTP Server Vulnerabilities Expose Millions of Websites to Cyber Attack
Dhivya, 2024-07-18
Critical Apache HTTP Server Vulnerabilities Expose Millions of Websites to Cyber Attack | The Apache Software Foundation has disclosed several critical vulnerabilities in the Apache HTTP Server, which could potentially expose millions of websites to cyber-attacks. These vulnerabilities, identified by their Common Vulnerabilities and Exposures (CVE) numbers, affect various versions of the Apache HTTP Server and could lead to severe consequences such as source code disclosure, server-side request […] The post Critical Apache HTTP Server Vulnerabilities Expose Millions of Websites to
USN-6885-2: Apache HTTP Server regression
2024-07-11
USN-6885-2: Apache HTTP Server regression | USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs
USN-6885-1: Apache HTTP Server vulnerabilities
2024-07-08
USN-6885-1: Apache HTTP Server vulnerabilities | Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication. (CVE-2024-38473) Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker
CVE-2024-38477 | Apache HTTP Server up to 2.4.59 mod_proxy denial of service
vuldb.com, 2024-07-01
CVE-2024-38477 | Apache HTTP Server up to 2.4.59 mod_proxy denial of service | A vulnerability was found in Apache HTTP Server up to 2.4.59. It has been rated as problematic. This issue affects some unknown processing of the component mod_proxy. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-38477. The attack may be initiated remotely
CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
2024-07-01
CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request | Posted by Eric Covener on Jul 01Severity: important Affected versions: - Apache HTTP Server 2.4.0 through 2.4.59 Description: null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended

Social Media

@Kemhan_RI @kemkomdigi CVE-2024-38477 - Buffer overflow that can lead to malicious code execution. CVE-2022-22720 - Vulnerability in Apache HTTP Server related to HTTP request smuggling. CVE-2013-0942 - Bug in the authentication system that allows privilege escalation.
mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 https://t.co/1vHVQPeJmm
GitHub - mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 https://t.co/wxO2nxclqJ
List of 9 exploits 📋 1 CVE-2024-38472 - Apache HTTP Server on Windows UNC SSRF 2 CVE-2024-39573 - Apache HTTP Server proxy encoding problem 3 CVE-2024-38477 - Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
@orange_8361 Is it difficult to exploit CVE-2024-38477 in apache?
An IT-related site article has been updated! Read the article here ⇒ Apache HTTP Server vulnerabilities (Important: CVE-2024-38472, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, Moderate: CVE-2024-38473, CVE-2024-39573, Low: CVE-2024-36387) https://t.co/I2uNNdaPiY

Affected Software

Configuration 1
Type | Vendor | Product
App | Apache | http_server
Configuration 2
Type | Vendor | Product
OS | Netapp | clustered_data_ontap

References

Reference | Link
[email protected] | https://httpd.apache.org/security/vulnerabilities_24.html
[email protected] | https://security.netapp.com/advisory/ntap-20240712-0001/

CWE Details

CWE ID | CWE Name | Description
CWE-476 | NULL Pointer Dereference | A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
