Test ID:	1.3.6.1.4.1.25623.1.0.170483
Category:	Web Servers
Title:	Apache Traffic Server (ATS) 8.x <= 8.1.6, 9.x <= 9.2.0 Multiple Vulnerabilities
Summary:	Apache Traffic Server (ATS) is prone to multiple; vulnerabilities.
Description:	Summary: Apache Traffic Server (ATS) is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-47184: The TRACE method can be used to disclose network information. - CVE-2023-30631: Configuration option to block the PUSH method in ATS didn't work. - CVE-2023-33933: s3_auth plugin problem with hash calculation. Affected Software/OS: Apache Traffic Server version 8.x through 8.1.6 and 9.x through 9.2.0. Solution: Update to version 8.1.7, 9.2.1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-47184 Debian Security Information: DSA-5435 (Google Search) https://www.debian.org/security/2023/dsa-5435 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/ https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html Common Vulnerability Exposure (CVE) ID: CVE-2023-30631 Common Vulnerability Exposure (CVE) ID: CVE-2023-33933
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.