Test ID:	1.3.6.1.4.1.25623.1.0.126109
Category:	Web Servers
Title:	Apache Traffic Server (ATS) 8.0.0 <= 8.1.4, 9.0.0 <= 9.1.2 Multiple Vulnerabilities
Summary:	Apache Traffic Server (ATS) is prone to multiple; vulnerabilities.
Description:	Summary: Apache Traffic Server (ATS) is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2021-37150: Protocol vs scheme mismatch. - CVE-2022-25763: Improper input validation on HTTP/2 headers. - CVE-2022-28129: Insufficient validation of HTTP/1.x headers. - CVE-2022-31779: Improper HTTP/2 scheme and method validation. - CVE-2022-31780: HTTP/2 framing vulnerabilities. Affected Software/OS: Apache Traffic Server version 8.0.0 through 8.1.4 and 9.0.0 through 9.1.2. Solution: Update to version 8.1.5, 9.1.3 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-25763 DSA-5206 https://www.debian.org/security/2022/dsa-5206 FEDORA-2022-23043f5a0b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/ FEDORA-2022-9832c0c04b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/ https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21 Common Vulnerability Exposure (CVE) ID: CVE-2022-28129 Debian Security Information: DSA-5206 (Google Search) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/ https://lists.debian.org/debian-lts-announce/2023/01/msg00019.html Common Vulnerability Exposure (CVE) ID: CVE-2022-31779 Common Vulnerability Exposure (CVE) ID: CVE-2022-31780 Common Vulnerability Exposure (CVE) ID: CVE-2021-37150
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.