Lucene search
China National Vulnerability DatabaseCNVD-2022-05527HistoryOct 15, 2021 - 12:00 a.m.
Apache Traffic Control input validation error vulnerability
2021-10-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
40.4%
Apache Traffic Control is a distributed and scalable content distribution solution from the Apache Foundation. Apache Traffic Control Traffic Ops is vulnerable to an input validation error, which is caused when an authenticated Apache Traffic Control Traffic Ops user with portal-level privileges can send a request with a specially crafted email that email is bound by the /deliveryservices/request Traffic Ops endpoint to send an email with arbitrary body text from the Traffic Ops server to an arbitrary email address. No details of the vulnerability are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Apache Traffic Control >=4.1.0, | lt | 5.1.3 |
Related
osv
osv
CVE-2021-42009
2021-10-12 08:15:06
Email relay in Apache Traffic Control
2021-10-13 18:55:04
cvelist
cvelist
cve
cve
CVE-2021-42009
2021-10-12 08:15:06
gitlab
gitlab
Improper Input Validation
2021-10-13 00:00:00
Improper Input Validation
2021-10-12 00:00:00
nvd
nvd
CVE-2021-42009
2021-10-12 08:15:06
prion
prion
Design/Logic Flaw
2021-10-12 08:15:00
github
github
Email relay in Apache Traffic Control
2021-10-13 18:55:04