Lucene search
China National Vulnerability DatabaseCNVD-2022-11218HistoryFeb 09, 2022 - 12:00 a.m.
Apache Traffic Control code issue vulnerability
2022-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
36.2%
Apache Traffic Control is a distributed, scalable content distribution solution from the Apache Foundation. Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6 was vulnerable to a code issue that allowed unprivileged users who could reach traffic operations via HTTPS to send a special POST request to the login oauth to scan for traffic operations that could reach the server port. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache traffic control traffic ops | lt | 6.1.0 | |
| apache traffic control traffic ops | lt | 5.1.6 |
Related
cvelist
cvelist
github
github
Server-Side Request Forgery in Apache Traffic Control
2022-02-07 00:00:23
gitlab
gitlab
Server-Side Request Forgery (SSRF)
2022-02-07 00:00:00
Server-Side Request Forgery (SSRF)
2022-02-06 00:00:00
osv
osv
Server-Side Request Forgery in Apache Traffic Control
2022-02-07 00:00:23
CVE-2022-23206
2022-02-06 16:15:07
nvd
nvd
CVE-2022-23206
2022-02-06 16:15:07
prion
prion
Design/Logic Flaw
2022-02-06 16:15:00
cve
cve
CVE-2022-23206
2022-02-06 16:15:07