CVE-2022-32749

2022-12-1911:15:10

CWE-754

apache

web.nvd.nist.gov

cve-2022-32749

apache traffic server

vulnerability

crash

nvd

security

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

60.9%

JSON

Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions.

This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.

Affected configurations

Nvd

Vulners

Node

apachetraffic_serverRange8.0.0–8.1.6

apachetraffic_serverRange9.0.0–9.1.4

VendorProductVersionCPE
apachetraffic_server*cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apache	traffic_server	*	cpe:2.3:a:apache:traffic_server::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Traffic Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "9.1.3",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "custom"
      }
    ]
  }
]