CVERadar

CVE-2024-39884

Medium Severity
SVRS: 30/100
CVSSv3: NA/10 (no CVSSv3 score recorded)
EPSS: 0.00108/1

CVE-2024-39884 is a source code disclosure regression in Apache HTTP Server 2.4.60. The 2.4.60 core ignores some uses of the legacy content-type based configuration of handlers ("AddType" and similar directives), so that when a file is requested indirectly (for example a directory URL that DirectoryIndex resolves to index.php, or a path reached through an internal rewrite) the script is served as a static file instead of being passed to its handler. A PHP script is then returned as plain text, exposing its source and any credentials embedded in it. The SVRS of 30 indicates a lower immediate risk, but the "In The Wild" tag marks the issue as exploited, so it should not be deprioritised. Upgrading to 2.4.61 closes the original regression; because that fix was partial (tracked as CVE-2024-40725, affecting 2.4.60 through 2.4.61), deployments should move to the release that also addresses the follow-up, 2.4.62 or later. Addressing this vulnerability matters because server-side code routinely contains database passwords, API keys and application logic that an attacker can reuse.

In The Wild
Vendor-advisory
2024-07-04

2025-02-13
SOCRadar
AI Insight

Description

CVE-2024-39884 is a regression in Apache HTTP Server 2.4.60 that ignores legacy content-type based configuration of handlers ("AddType" and similar) under some circumstances where files are requested indirectly. Instead of being handed to the configured handler, the file is served by the default handler, so local content such as PHP scripts is returned as text rather than interpreted, disclosing the source. The SVRS for this CVE is 30, indicating a moderate risk.

Key Insights

  • The "In The Wild" tag marks this vulnerability as actively exploited, which makes it a high priority for patching despite the moderate score.
  • The regression was introduced in Apache HTTP Server 2.4.60; earlier 2.4.x releases are not affected. The fix shipped in 2.4.61 is partial, and the remaining "AddType" cases are tracked separately as CVE-2024-40725, which affects 2.4.60 through 2.4.61.
  • Exploitation needs no special tooling: an attacker requests a script through a path that the server resolves indirectly (for example a directory URL that DirectoryIndex maps to index.php) and receives the PHP source as plain text, exposing application logic and any credentials embedded in it, such as database settings in configuration scripts.

Mitigation Strategies

  • Upgrade to Apache HTTP Server 2.4.62 or later. 2.4.61 fixes CVE-2024-39884 only partially; the remaining cases are CVE-2024-40725, which affects 2.4.60 through 2.4.61.
  • Until you can upgrade, stop relying on content-type based handler selection: map PHP to its handler explicitly with `SetHandler` (or `AddHandler`) inside a `<FilesMatch>` block instead of `AddType application/x-httpd-php .php`. This is a practitioner workaround rather than a vendor-stated fix; it sidesteps the regression because an explicit handler assignment does not depend on the content-type lookup that 2.4.60 ignores for indirectly requested files.
  • A web application firewall or reverse proxy that inspects responses can block replies whose body begins with a PHP open tag (`<?php`) or whose Content-Type is `application/x-httpd-php`. Request-side filtering alone does not help, because the triggering requests are ordinary GETs for normal URLs.
  • Monitor for the same signals in your own traffic: alert on any 200 response to a `.php` URL, or to a directory URL indexed by a PHP script, whose body contains `<?php`, and verify after patching that scripts are executed rather than served.
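The following check is added here as an example and is not code from CVE Radar, SOCRadar or the Apache project. It does two things: it audits an httpd configuration fragment for the legacy `AddType application/x-httpd-php` mapping that the 2.4.60 regression stops honouring and reports whether an explicit `SetHandler`/`AddHandler` mapping is present instead; and it classifies an HTTP response as leaked PHP source or not, which is how you verify an instance before and after upgrading. The function names, the two constructed configuration samples, the User-Agent string and the heuristics (a response Content-Type of `application/x-httpd-php`, or a body that starts with a PHP open tag, counts as source disclosure) are assumptions of the example, not specifics taken from the advisory.

```python
"""Added example for CVE-2024-39884 / CVE-2024-40725 (not from CVE Radar or Apache httpd).

audit_handler_config()  : flag legacy content-type based PHP handler mapping in httpd.conf text
classify_response()     : decide whether an HTTP response is PHP source served as text
probe()                 : fetch one URL so the classifier can be run against a live host
The configuration samples below are constructed for this example.
"""
import re
import sys
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# Legacy mapping: the handler is chosen from the content type. This is the form that
# 2.4.60 ignores for indirectly requested files.
LEGACY_PHP_TYPE = re.compile(r"^\s*AddType\s+application/x-httpd-php\b.*$", re.I | re.M)
# Explicit mapping: the handler is set directly, independent of the content-type lookup.
EXPLICIT_PHP_HANDLER = re.compile(
    r"^\s*(?:SetHandler|AddHandler)\s+(?:application/x-httpd-php|proxy:)\S*.*$", re.I | re.M)
PHP_OPEN_TAG = re.compile(rb"<\?php\b|<\?=")

# Constructed samples of a vulnerable-style and a hardened-style mod_php configuration.
VULNERABLE_CONF = """
LoadModule php_module modules/libphp.so
AddType application/x-httpd-php .php
DirectoryIndex index.php index.html
"""
HARDENED_CONF = r"""
LoadModule php_module modules/libphp.so
<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
DirectoryIndex index.php index.html
"""


def audit_handler_config(conf_text: str) -> dict:
    """Return the legacy and explicit PHP handler lines found and whether the config is at risk.

    at_risk is True when PHP is mapped only through AddType: on 2.4.60 (and for some cases
    on 2.4.61) such scripts can be served as static files when requested indirectly.
    """
    legacy = [m.group(0).strip() for m in LEGACY_PHP_TYPE.finditer(conf_text)]
    explicit = [m.group(0).strip() for m in EXPLICIT_PHP_HANDLER.finditer(conf_text)]
    return {"legacy_addtype": legacy, "explicit_handler": explicit,
            "at_risk": bool(legacy) and not explicit}


def classify_response(status: int, content_type: str, body: bytes) -> str:
    """Classify one response: 'source-disclosure', 'suspect', 'executed-or-static' or 'other'.

    Heuristic (an assumption of this example): when the handler is skipped, the default
    handler serves the file with its configured type, so a Content-Type of
    application/x-httpd-php, or a body that starts with a PHP open tag, means the script
    was returned rather than executed.
    """
    if status != 200:
        return "other"
    media_type = content_type.split(";", 1)[0].strip().lower()
    head = body.lstrip(b"\xef\xbb\xbf \t\r\n")[:16]      # skip a UTF-8 BOM and leading whitespace
    if media_type == "application/x-httpd-php" or head.startswith((b"<?php", b"<?=")):
        return "source-disclosure"
    if PHP_OPEN_TAG.search(body):                         # tag mid-page: may be legitimate output
        return "suspect"
    return "executed-or-static"


def probe(url: str, timeout: float = 10.0) -> tuple:
    """Fetch url and return (status, content_type, body) in the shape classify_response() takes."""
    req = Request(url, headers={"User-Agent": "cve-2024-39884-check"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.headers.get("Content-Type", ""), resp.read(65536)
    except HTTPError as err:
        return err.code, err.headers.get("Content-Type", ""), err.read(65536)


if __name__ == "__main__":
    print("vulnerable sample:", audit_handler_config(VULNERABLE_CONF))
    print("hardened sample:  ", audit_handler_config(HARDENED_CONF))
    if len(sys.argv) > 1:
        base = sys.argv[1].rstrip("/")
        # "/" is the indirect case (DirectoryIndex resolves it to index.php); "/index.php" is direct.
        for path in ("/", "/index.php"):
            status, ctype, body = probe(base + path)
            print(path, status, ctype, classify_response(status, ctype, body))
```

Run it with a base URL (`python check.py https://host.example`) against a staging copy, and treat any `source-disclosure` result on the directory URL as confirmation that the instance is exposed; a `suspect` result needs a human look, since legitimate pages can print a PHP open tag. The config audit is meant for scanning a repository of httpd.conf and .htaccess files, where the legacy `AddType` form tends to survive in old vhost templates.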

Additional Information

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, urging affected organisations to patch promptly.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Debian Security Advisory 5729-2
2024-10-09
Debian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy.
Related: CVE-2024-38474, CVE-2024-39884 (Debian)
Critical Apache HTTP Server Vulnerabilities Expose Millions of Websites to Cyber Attack
Dhivya, 2024-07-18 (cybersecuritynews.com)
The Apache Software Foundation has disclosed several critical vulnerabilities in the Apache HTTP Server, which could potentially expose millions of websites to cyber-attacks. These vulnerabilities, identified by their Common Vulnerabilities and Exposures (CVE) numbers, affect various versions of the Apache HTTP Server and could lead to severe consequences such as source code disclosure, server-side request […]
CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType
2024-07-17 (seclists.org)
Posted by Eric Covener on Jul 17. Severity: important. Affected versions: Apache HTTP Server 2.4.60 through 2.4.61. Description: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some […]
USN-6885-2: Apache HTTP Server regression
2024-07-11
USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs […]
Related: CVE-2024-39884, CVE-2024-38474, CVE-2024-38476, CVE-2024-38475

Social Media

  • Debian Security Advisory 5729-2: Debian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy. https://t.co/5q104yuXEs
  • ❗️CVE-2024-40725 A partial fix for CVE-2024-39884 in Apache HTTP Server 2.4.61 ignores some uses of content-type based configuration. The "AddType" directive, in some circumstances where files are requested indirectly, can return the source code.
  • CVE alert 🚨 Apache HTTP Server Flaws: Source Code Disclosure via Handlers Configured with AddType and SSRF (CVE-2024-40725, CVE-2024-39884) Checks have been integrated to Patrowl: our customers' assets are protected.🦉 #CyberSecurity #InfoSec #Patrowl #CVE #Apache #HTTP #AddType https://t.co/Ki2D8z1fI5
  • CVE-2024-40725 A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and … https://t.co/yL7U5cVAEe
  • The Apache Foundation has fixed a critical vulnerability (CVE-2024-39884) in Apache HTTP Server, protecting against unauthorized access and remote code execution. Users should upgrade to version 2.4.61 for security. https://t.co/C0nT4SHLvK
  • Apache fixed a source code disclosure flaw in Apache HTTP Server: The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple… https://t.co/Cc7psL9vR2 https://t.co/CaSyBXwPq8
  • CVE-2024-39884 : Apache HTTP Server Critical Source Code Disclosure Flaw
  • ⚠️⚠️ CVE-2024-39884 source code disclosure with handlers configured via AddType in Apache HTTP Server 2.4.60 🎯3.2k+ results are found on https://t.co/pb16tGYaKe in nearly a year. FOFA Link🔗: https://t.co/PYzAeupSxs FOFA Query: banner="Apache/2.4.60" || header="Apache/2.4.60" https://t.co/cHOOv93ant
  • jvnjp: [Published 2024/07/04 16:00] Update for Apache HTTP Server 2.4 (CVE-2024-39884) https://t.co/gynEoX6Uy9 https://t.co/dYEUbiquvh #itsec_jp
  • Update for Apache HTTP Server 2.4 (CVE-2024-39884) https://t.co/0iWDmtQtqN #Technical-Security #feedly

Affected Software

Apache HTTP Server 2.4.60 (the regression is specific to that release; 2.4.61 contains a partial fix and, together with 2.4.60, remains affected by the follow-up CVE-2024-40725).

References

  • https://httpd.apache.org/security/vulnerabilities_24.html (Apache HTTP Server 2.4 vulnerabilities page)
  • https://security.netapp.com/advisory/ntap-20240712-0002/ (NetApp advisory)
  • http://www.openwall.com/lists/oss-security/2024/07/17/6 (oss-security post of 2024-07-17 on the partial fix)

CWE Details

No CWE details found for this CVE
