PT-2025-9866 · Apache+1 · Apache Traffic Server+1
David Carlin
·
Published
2025-03-05
·
Updated
2025-04-05
·
CVE-2024-56202
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Apache Traffic Server versions 9.0.0 through 9.2.8
Apache Traffic Server versions 10.0.0 through 10.0.3
Description
The issue is an Expected Behavior Violation vulnerability in Apache Traffic Server. Users are advised to upgrade to resolve the issue.
Recommendations
For Apache Traffic Server versions 9.0.0 through 9.2.8, upgrade to version 9.2.9 or newer.
For Apache Traffic Server versions 10.0.0 through 10.0.3, upgrade to version 10.0.4 or newer.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Traffic Server
Debian