PT-2023-3360 · Apache · Apache Traffic Server

Masakazu Kitajo

·

Publicado

2023-06-13

·

Atualizado

2024-10-09

·

CVE-2023-33933

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Apache Traffic Server versions 8.0.0 through 9.2.0
Description The issue is related to insufficient protection of service data, which may allow a remote attacker to gain unauthorized access to confidential information.
Recommendations 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

BDU:2023-03516
CVE-2023-33933
DLA-3475-1
DSA-5435-1
DSA-5435-2
OESA-2023-1972
OESA-2023-1973
OESA-2023-1974

Produtos afetados

Apache Traffic Server