Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability - CVE-2024-43204 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability - CVE-2024-43204

High
Reference: CVE-2024-43204
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-43204
Title: Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability
Overview:

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.