Apache Traffic Control is a distributed, scalable content distribution solution from the Apache Foundation. Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6 was vulnerable to a code issue that allowed unprivileged users who could reach traffic operations via HTTPS to send a special POST request to the login oauth to scan for traffic operations that could reach the server port. No detailed vulnerability details are currently available.
CPE | Name | Operator | Version |
---|---|---|---|
apache traffic control traffic ops | lt | 6.1.0 | |
apache traffic control traffic ops | lt | 5.1.6 |