Patch Apache HTTP Server Vulnerability getting Exploited.
29 November, 2021
After it was discovered that a newly patched vulnerability had been used in attacks, organisations are being encouraged to ensure that their Apache HTTP servers are up to date.
CVE202140438 is a serverside request forgery (SSRF) vulnerability that may be exploited against httpd web servers with the mod proxy module installed. An attacker can take advantage of this serious weakness by sending a properly crafted request to the module, which will cause the request to be forwarded to an arbitrary origin server.
