Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

f5os

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found

CVE-2021-40438
Assigner-Apache Software Foundation
ShareView Details
Assigner-Apache Software Foundation
CVSS Score-9||CRITICAL
EPSS-94.44% / 99.99%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-15||Apply updates per vendor instructions.
mod_proxy SSRF

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Action-Not Available
Vendor-resfNetApp, Inc.Red Hat, Inc.F5, Inc.Siemens AGOracle CorporationFedora ProjectBroadcom Inc.Debian GNU/LinuxThe Apache Software FoundationTenable, Inc.
Product-enterprise_linux_for_power_big_endianenterprise_linux_server_workstationenterprise_linux_workstationsinec_nmsenterprise_linux_server_ausbrocade_fabric_operating_system_firmwaresoftware_collectionsenterprise_linux_update_services_for_sap_solutionsclustered_data_ontapenterprise_linux_serverzfs_storage_appliance_kitsecure_global_desktopenterprise_linux_for_power_little_endiansinema_serverenterprise_linux_for_arm_64storagegridf5osenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_server_update_services_for_sap_solutionsenterprise_linuxhttp_serverinstantis_enterprisetrackcloud_backuptenable.scrocky_linuxenterprise_manager_ops_centerruggedcom_nmsenterprise_linux_for_scientific_computingenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endian_eussinema_remote_connect_serverfedorajboss_core_servicesdebian_linuxenterprise_linux_for_ibm_z_systems_eus_s390xenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_arm_64_eusApache HTTP ServerApache
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)