How severe is CVE-2021-27577?

CVE-2021-27577 has a CVSS v3 score of 7.5 (HIGH).

CVE-2021-27577

Name: debian_linux
Author: debian

7.5HIGH

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0

发布于: 6/29/2021更新于: 11/21/2024

描述

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

AI分析AI驱动

受影响产品

apachetraffic_server

debiandebian_linux

8.0

参考资料

https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E
Mailing ListVendor Advisory
https://www.debian.org/security/2021/dsa-4957
Third Party Advisory
https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E
Mailing ListVendor Advisory
https://www.debian.org/security/2021/dsa-4957
Third Party Advisory