Apache HTTP Server 2.4.52 and earlier Vulnerability: HTTP Request Smuggling

Apache HTTP Server 2.4.52 and earlier Vulnerability: HTTP Request Smuggling

CVE-2022-22720 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Learn more about our Cis Benchmark Audit For Server Software.