topic Apache High-severity Vulnerabilities: CVE-2024-40725 CVE-2024-39884 CVE-2024-40898 in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Apache-High-severity-Vulnerabilities-CVE-2024-40725-CVE-2024/m-p/221891#M42525 <P>Hello All,<BR />Does anyone have some information about this Apache Vulnerabilities?<BR />Affecting Apache HTTP Server versions 2.4.0 through 2.4.61<BR />As I checked the newest hotfix Take 76 for R81.20 haven't update for&nbsp;<SPAN>Apache HTTPD.</SPAN><BR /><BR /></P><P><STRONG>Details:</STRONG></P><UL><LI>CVE-2024-40725: This vulnerability concerns an incomplete fix for a previous vulnerability (CVE-2024-39884) and affects the mod_proxy module. It allows attackers to potentially disclose sensitive source code information on the server under specific circumstances. This could include PHP scripts or other server-side files. This affects both Windows and Linux systems.</LI><LI>CVE-2024-40898: This vulnerability affects Apache HTTP Server on Windows systems with mod_rewrite in server/vhost context. A malicious actor could exploit this vulnerability to launch Server-Side Request Forgery (SSRF) attacks. This could potentially lead to leaking NTLM hashes or other sensitive information.</LI></UL><P>&nbsp;</P> Thu, 25 Jul 2024 12:15:01 GMT 4mon 2024-07-25T12:15:01Z Apache High-severity Vulnerabilities: CVE-2024-40725 CVE-2024-39884 CVE-2024-40898 https://community.checkpoint.com/t5/Firewall-and-Security-Management/Apache-High-severity-Vulnerabilities-CVE-2024-40725-CVE-2024/m-p/221891#M42525 <P>Hello All,<BR />Does anyone have some information about this Apache Vulnerabilities?<BR />Affecting Apache HTTP Server versions 2.4.0 through 2.4.61<BR />As I checked the newest hotfix Take 76 for R81.20 haven't update for&nbsp;<SPAN>Apache HTTPD.</SPAN><BR /><BR /></P><P><STRONG>Details:</STRONG></P><UL><LI>CVE-2024-40725: This vulnerability concerns an incomplete fix for a previous vulnerability (CVE-2024-39884) and affects the mod_proxy module. It allows attackers to potentially disclose sensitive source code information on the server under specific circumstances. This could include PHP scripts or other server-side files. This affects both Windows and Linux systems.</LI><LI>CVE-2024-40898: This vulnerability affects Apache HTTP Server on Windows systems with mod_rewrite in server/vhost context. A malicious actor could exploit this vulnerability to launch Server-Side Request Forgery (SSRF) attacks. This could potentially lead to leaking NTLM hashes or other sensitive information.</LI></UL><P>&nbsp;</P> Thu, 25 Jul 2024 12:15:01 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Apache-High-severity-Vulnerabilities-CVE-2024-40725-CVE-2024/m-p/221891#M42525 4mon 2024-07-25T12:15:01Z Re: Apache High-severity Vulnerabilities: CVE-2024-40725 CVE-2024-39884 CVE-2024-40898 https://community.checkpoint.com/t5/Firewall-and-Security-Management/Apache-High-severity-Vulnerabilities-CVE-2024-40725-CVE-2024/m-p/221906#M42529 <P>I’m fairly certain we do not use either mod_rewrite or mod_proxy in our Apache implementation.&nbsp;<BR />That makes both of these CVEs not relevant for Gaia OS.</P> <P>For formal confirmation I recommend a TAC case: <A href="https://help.checkpoint.com" target="_blank">https://help.checkpoint.com</A></P> Thu, 25 Jul 2024 13:37:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Apache-High-severity-Vulnerabilities-CVE-2024-40725-CVE-2024/m-p/221906#M42529 PhoneBoy 2024-07-25T13:37:30Z