CVE-2011-3348
EPSS 41.3%
Description
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
How to fix CVE-2011-3348
To remediate CVE-2011-3348, upgrade the affected package to a fixed version below.
- Debian/apache2—upgrade to 2.2.21-1 or later
Is CVE-2011-3348 being exploited?
Moderate — EPSS is 41.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.2.21-1