Improper Input Validation in Apache Traffic Server: Proxy Configuration Vulnerability
CVE-2023-30631 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Learn more about our Cis Benchmark Audit For Apache Http Server.