Apache · Apache Traffic Server · CVE-2024-56196
**Name of the Vulnerable Software and Affected Versions**
Apache Traffic Server versions 10.0.0 through 10.0.3
**Description**
The issue is related to an Improper Access Control vulnerability in Apache Traffic Server. This vulnerability is associated with deficiencies in access control based on the Access Control List (ACL). Exploitation of the vulnerability may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. Users are recommended to upgrade to version 10.0.4 to fix the issue.
**Recommendations**
For Apache Traffic Server versions 10.0.0 through 10.0.3, upgrade to version 10.0.4 to resolve the issue.