PT-2008-1553 · Apache+1 · Apache Http Server+1
Published: 2008-01-09 · Updated: 2024-06-15 · CVE-2007-6420
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Apache HTTP Server versions 2.2.x
Description
A cross-site request forgery (CSRF) issue exists in the balancer-manager of mod_proxy_balancer, allowing remote attackers to gain privileges via unspecified vectors. mod_proxy_balancer provides an administrative interface, and it is this interface that could be vulnerable to CSRF attacks.
Recommendations
For Apache HTTP Server version 2.2.x, consider disabling the balancer-manager interface in mod_proxy_balancer as a temporary workaround until a patch is available. Restrict access to the administrative interface of mod_proxy_balancer to minimize the risk of exploitation.
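The two recommendations above, sketched as an Apache 2.2 configuration. This is an added example, not taken from the advisory or from the Apache project; the `/balancer-manager` mount path, the loopback-only administration address and the password file path are assumptions.

```apache
# Added example. Assumptions: the interface is mounted at /balancer-manager
# and is administered only from the local host. Apache 2.2 access-control syntax.

# Exposed form: any client that can reach the server can load the interface.
# <Location /balancer-manager>
#     SetHandler balancer-manager
# </Location>

# Recommendation 1 (temporary workaround): disable the interface by leaving
# no "SetHandler balancer-manager" mapping anywhere in the configuration.

# Recommendation 2: keep the interface, but restrict it by source address
# and require an authenticated user as well.
<Location /balancer-manager>
    SetHandler balancer-manager

    # Deny everyone, then allow only the administration host (assumed loopback).
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1

    # Require a login in addition to the address check.
    AuthType Basic
    AuthName "Balancer Manager"
    AuthUserFile /path/to/htpasswd    # placeholder path
    Require valid-user

    # Both the address rule and the login must pass.
    Satisfy all
</Location>
```

These restrictions limit who can reach the interface; because a CSRF request is sent by the administrator's own browser, they reduce exposure rather than remove the flaw.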
Exploit
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Apache HTTP Server
HP-UX