Create a Post
Showing results for 
Search instead for 
Did you mean: 

Recently Discovered Apache vulnerability cve-2021-44790


I just recently came upon an article regarding cve-2021-44790.  Its a buffer overflow regarding mod_lua in Apache HTTPD.  It looks like it moved it's CVSS score to 9.8.  I don't see an IPS protection and was wondering if something will come out or if this is a concern... especially with the recent take in R80.40 having an upgrade to Apache to version 2.4.51 which is a vulnerable version.


0 Kudos
2 Replies

It looks like the cve is rectified in Apache 2.4.52, so it may be the case Checkpoint will update to Apache 2.4.52, but only as matter of good practise.  I suspect Checkpoint is not actually vulnerable.

Lets see what the official response is, and of course a signature update would be most welcome.


There are two questions :

  1. Is Check Point affected by CVE-2021-44790? - The answer is NO, we are not vulnerable.
  2. Is there IPS signature? - not just yet, as there is no know exploit to create one.


0 Kudos