CVE-2024-35296 | Apache Traffic Server up to 8.1.10/9.2.4 Accept-Encoding Privilege Escalation

Posted by Angelo Barbosa | Jul 25, 2024 | CVE

A vulnerability was found in Apache Traffic Server up to 8.1.10/9.2.4 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument Accept-Encoding leads to Privilege Escalation.

This vulnerability is handled as CVE-2024-35296. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35296 | Apache Traffic Server up to 8.1.10/9.2.4 Accept-Encoding Privilege Escalation

Related Posts

CVE-2021-47444 | Linux Kernel up to 5.10.74/5.14.13 on DP edid connector_bad_edid allocation of resources (a7b45024f66f/09f3946bb452/97794170b696)

CVE-2024-4964 | D-Link DAR-7000-40 V31R02B1413C /firewall/urlblist.php file unrestricted upload (SAP10354)

CVE-2023-20258 | Cisco Prime Infrastructure Web-based Management Interface Privilege Escalation (cisco-sa-pi-epnm-wkZJeyeq)

CVE-2021-47459 | Linux Kernel up to 5.4.155/5.10.75/5.14.14 lib/refcount.c j1939_netdev_start use after free