4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.1%
Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.
CPE | Name | Operator | Version |
---|---|---|---|
apache httpd | eq | 2.4.10 | |
apache httpd | eq | 2.4.9 | |
apache httpd | eq | 2.4.7 | |
apache httpd | eq | 2.4.6 | |
apache httpd | eq | 2.4.4 | |
apache httpd | eq | 2.4.3 | |
apache httpd | eq | 2.4.2 | |
apache httpd | eq | 2.4.1 |