Apache Traffic Server Improper Access Control Vulnerability - CVE-2014-3624 - Vulnerability Database

Apache Traffic Server Improper Access Control Vulnerability - CVE-2014-3624

Critical

Reference: CVE-2014-3624

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3624

Title: Apache Traffic Server Improper Access Control Vulnerability

Overview:

Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.