
12 vulnerabilities found for Apache Traffic Control by Apache Software Foundation

CVE-2025-61581 (GCVE-0-2025-61581)

Vulnerability from cvelistv5 – Published: 2025-10-16 08:40 – Updated: 2025-11-04 21:13
Summary
** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity
No CVSS data available from the CNA, which gives only a textual severity of "low"; the CISA-ADP container in the record below does carry a CVSS v3.1 base score of 7.5 (HIGH, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Note that the description requires access to the Traffic Router management interface, which the ADP vector's PR:N may not reflect.
CWE
  • CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
Impacted products
Credits
Chris Lemmons

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-61581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-17T13:53:41.443732Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-17T13:54:36.239Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:58.992Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/16/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Chris Lemmons"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Traffic Control: all versions.\u003c/p\u003e\u003cp\u003ePeople with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability.\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003c/p\u003e"
            }
          ],
          "value": "** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.\n\nThis issue affects Apache Traffic Control: all versions.\n\nPeople with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333 Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-16T08:40:11.865Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/mx2jxgnlop2f4vbqnvmrldh4pqmobxvp"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned"
      ],
      "title": "Apache Traffic Control: ReDoS issue in Traffic Router configuration",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-61581",
    "datePublished": "2025-10-16T08:40:11.865Z",
    "dateReserved": "2025-09-26T14:08:18.298Z",
    "dateUpdated": "2025-11-04T21:13:58.992Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-45387 (GCVE-0-2024-45387)

Vulnerability from cvelistv5 – Published: 2024-12-23 15:30 – Updated: 2024-12-24 01:47
Summary
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CWE-285 - Improper Authorization
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control (package traffic_ops) Affected: 8.0.0 through 8.0.1 inclusive (semver)
Unaffected: 7.0.0 up to, but not including, 8.0.0 (semver)
Credits
Yuan Luo from Tencent YunDing Security Lab

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-23T18:03:27.183Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/23/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45387",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-24T01:47:07.033295Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-24T01:47:40.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "traffic_ops",
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "8.0.1",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.0.0",
              "status": "unaffected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Yuan Luo from Tencent YunDing Security Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAn SQL injection vulnerability in Traffic Ops in Apache Traffic Control \u0026lt;= 8.0.1, \u0026gt;= 8.0.0 allows a privileged user with role \"admin\", \"federation\", \"operations\", \"portal\", or \"steering\" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.\u003c/div\u003eUsers are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops."
            }
          ],
          "value": "An SQL injection vulnerability in Traffic Ops in Apache Traffic Control \u003c= 8.0.1, \u003e= 8.0.0 allows a privileged user with role \"admin\", \"federation\", \"operations\", \"portal\", or \"steering\" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.\n\nUsers are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-23T15:30:13.873Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/t38nk5n7t8w3pb66z7z4pqfzt4443trr"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Traffic Control: SQL Injection in Traffic Ops endpoint PUT deliveryservice_request_comments",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-45387",
    "datePublished": "2024-12-23T15:30:13.873Z",
    "dateReserved": "2024-08-28T18:16:31.298Z",
    "dateUpdated": "2024-12-24T01:47:40.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-23206 (GCVE-0-2022-23206)

Vulnerability from cvelistv5 – Published: 2022-02-06 15:15 – Updated: 2024-08-03 03:36
Summary
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.
Severity
No CVSS data available.
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: Traffic Ops, < 6.1.0 (custom); the record also marks 5.1.6 as unaffected, so the fix is available on the 5.1.x line as well as in 6.1.0.
Credits
Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:36:20.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.0",
              "status": "affected",
              "version": "Traffic Ops",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-06T15:15:10",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth",
      "workarounds": [
        {
          "lang": "en",
          "value": "6.0.x user should upgrade to 6.1.0.\n5.1.x users should upgrade to 5.1.6 or 6.1.0."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2022-23206",
          "STATE": "PUBLIC",
          "TITLE": "Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "6.1.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "5.1.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {}
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-918 Server-Side Request Forgery (SSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "6.0.x user should upgrade to 6.1.0.\n5.1.x users should upgrade to 5.1.6 or 6.1.0."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-23206",
    "datePublished": "2022-02-06T15:15:10",
    "dateReserved": "2022-01-13T00:00:00",
    "dateUpdated": "2024-08-03T03:36:20.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-43350 (GCVE-0-2021-43350)

Vulnerability from cvelistv5 – Published: 2021-11-11 13:00 – Updated: 2024-08-04 03:55
Summary
An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter.
Severity
No CVSS data available; the CNA rates the severity of this issue as "critical" in a textual (non-CVSS) metric in the record below.
CWE
  • CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: Traffic Ops, < 6.0.1 (custom); the record also marks 5.1.4 as unaffected, so the fix is available on the 5.1.x line as well as in 6.0.1.
Credits
This issue was discovered by Apache Traffic Control user pupiles.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:55:28.477Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://trafficcontrol.apache.org/security/"
          },
          {
            "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
          },
          {
            "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
          },
          {
            "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.1",
              "status": "affected",
              "version": "Traffic Ops",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Apache Traffic Control user pupiles."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "critical"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-90",
              "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-17T12:06:08",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://trafficcontrol.apache.org/security/"
        },
        {
          "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
        },
        {
          "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
        },
        {
          "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "LDAP filter injection vulnerability in Traffic Ops",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-43350",
          "STATE": "PUBLIC",
          "TITLE": "LDAP filter injection vulnerability in Traffic Ops"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "6.0.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "5.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Apache Traffic Control user pupiles."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {
            "other": "critical"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://trafficcontrol.apache.org/security/",
              "refsource": "MISC",
              "url": "https://trafficcontrol.apache.org/security/"
            },
            {
              "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
            },
            {
              "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
            },
            {
              "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-43350",
    "datePublished": "2021-11-11T13:00:15",
    "dateReserved": "2021-11-03T00:00:00",
    "dateUpdated": "2024-08-04T03:55:28.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-42009 (GCVE-0-2021-42009)

Vulnerability from cvelistv5 – Published: 2021-10-12 07:40 – Updated: 2024-08-04 03:22
Summary
An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3.
Severity
No CVSS data available.
CWE
  • CWE-20 - Improper Input Validation
  • Email Injection Vulnerability
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: 4.0.0 , < Apache Traffic Control* (custom) — the record's upper bound is a product name rather than a version number, so the affected range is not machine-readable; the description gives the fixed versions as 5.1.3 and 6.0.0.
Credits
This issue was discovered by GitHub's CodeQL code scanning service.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:25.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
          },
          {
            "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.0.0",
                  "status": "affected"
                }
              ],
              "lessThan": "Apache Traffic Control*",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Email Injection Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-13T23:06:11",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
        },
        {
          "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Traffic Control Traffic Ops Email Injection Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-42009",
          "STATE": "PUBLIC",
          "TITLE": "Apache Traffic Control Traffic Ops Email Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "4.0.0"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.0.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.1.2 +1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {}
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Email Injection Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
            },
            {
              "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb@%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87@%3Cannounce.apache.org%3E"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-42009",
    "datePublished": "2021-10-12T07:40:11",
    "dateReserved": "2021-10-05T00:00:00",
    "dateUpdated": "2024-08-04T03:22:25.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-7670 (GCVE-0-2017-7670)

Vulnerability from cvelistv5 – Published: 2017-07-10 18:00 – Updated: 2024-09-16 17:52
Summary
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol.
Severity ?
No CVSS data available.
CWE
  • Denial of Service
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: 1.8.0 incubating
Affected: 2.0.0 RC0 incubating

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:12:27.852Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "1.8.0 incubating"
            },
            {
              "status": "affected",
              "version": "2.0.0 RC0 incubating"
            }
          ]
        }
      ],
      "datePublic": "2017-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-16T20:06:13",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2017-07-07T00:00:00",
          "ID": "CVE-2017-7670",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.8.0 incubating"
                          },
                          {
                            "version_value": "2.0.0 RC0 incubating"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0@%3Cusers.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c@%3Ccommits.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8@%3Ccommits.trafficcontrol.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2017-7670",
    "datePublished": "2017-07-10T18:00:00Z",
    "dateReserved": "2017-04-11T00:00:00",
    "dateUpdated": "2024-09-16T17:52:59.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-61581 (GCVE-0-2025-61581)

Vulnerability from nvd – Published: 2025-10-16 08:40 – Updated: 2025-11-04 21:13
Summary
** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
No CVSS data available.
CWE
  • CWE-1333 - Inefficient Regular Expression Complexity
Assigner
References
Impacted products
Credits
Chris Lemmons

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-61581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-17T13:53:41.443732Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-17T13:54:36.239Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:58.992Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/16/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Chris Lemmons"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Traffic Control: all versions.\u003c/p\u003e\u003cp\u003ePeople with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability.\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003c/p\u003e"
            }
          ],
          "value": "** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.\n\nThis issue affects Apache Traffic Control: all versions.\n\nPeople with access to the management interface of the Traffic Router component could specify malicious patterns and cause unavailability.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333 Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-16T08:40:11.865Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/mx2jxgnlop2f4vbqnvmrldh4pqmobxvp"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned"
      ],
      "title": "Apache Traffic Control: ReDoS issue in Traffic Router configuration",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-61581",
    "datePublished": "2025-10-16T08:40:11.865Z",
    "dateReserved": "2025-09-26T14:08:18.298Z",
    "dateUpdated": "2025-11-04T21:13:58.992Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-45387 (GCVE-0-2024-45387)

Vulnerability from nvd – Published: 2024-12-23 15:30 – Updated: 2024-12-24 01:47
Summary
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CWE-285 - Improper Authorization
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: 8.0.0 , ≤ 8.0.1 (semver)
Unaffected: 7.0.0 , < 8.0.0 (semver)
Credits
Yuan Luo from Tencent YunDing Security Lab

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-23T18:03:27.183Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/23/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45387",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-24T01:47:07.033295Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-24T01:47:40.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "traffic_ops",
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "8.0.1",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.0.0",
              "status": "unaffected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Yuan Luo from Tencent YunDing Security Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAn SQL injection vulnerability in Traffic Ops in Apache Traffic Control \u0026lt;= 8.0.1, \u0026gt;= 8.0.0 allows a privileged user with role \"admin\", \"federation\", \"operations\", \"portal\", or \"steering\" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.\u003c/div\u003eUsers are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops."
            }
          ],
          "value": "An SQL injection vulnerability in Traffic Ops in Apache Traffic Control \u003c= 8.0.1, \u003e= 8.0.0 allows a privileged user with role \"admin\", \"federation\", \"operations\", \"portal\", or \"steering\" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.\n\nUsers are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-23T15:30:13.873Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/t38nk5n7t8w3pb66z7z4pqfzt4443trr"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Traffic Control: SQL Injection in Traffic Ops endpoint PUT deliveryservice_request_comments",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-45387",
    "datePublished": "2024-12-23T15:30:13.873Z",
    "dateReserved": "2024-08-28T18:16:31.298Z",
    "dateUpdated": "2024-12-24T01:47:40.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-23206 (GCVE-0-2022-23206)

Vulnerability from nvd – Published: 2022-02-06 15:15 – Updated: 2024-08-03 03:36
Summary
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.
Severity ?
No CVSS data available.
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: Traffic Ops < 6.1.0 (including all 6.0.x releases) and 5.1.x < 5.1.6. Fixed in 5.1.6 and 6.1.0. Note that the machine-readable "changes" entry in the record below marks 5.1.6 as the point where versions become unaffected, which read literally would exclude 6.0.x; the vendor workaround text makes clear 6.0.x users must upgrade to 6.1.0.
Credits
Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:36:20.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.0",
              "status": "affected",
              "version": "Traffic Ops",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-06T15:15:10",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth",
      "workarounds": [
        {
          "lang": "en",
          "value": "6.0.x user should upgrade to 6.1.0.\n5.1.x users should upgrade to 5.1.6 or 6.1.0."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2022-23206",
          "STATE": "PUBLIC",
          "TITLE": "Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "6.1.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "5.1.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Apache Traffic Control would like to thank walkerxiong of SecCoder Security Lab for reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {}
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-918 Server-Side Request Forgery (SSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread/lsrd2mqj29vrvwsh8g0d560vvz8n126f"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "6.0.x user should upgrade to 6.1.0.\n5.1.x users should upgrade to 5.1.6 or 6.1.0."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-23206",
    "datePublished": "2022-02-06T15:15:10",
    "dateReserved": "2022-01-13T00:00:00",
    "dateUpdated": "2024-08-03T03:36:20.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-43350 (GCVE-0-2021-43350)

Vulnerability from nvd – Published: 2021-11-11 13:00 – Updated: 2024-08-04 03:55
Summary
An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter. Because the endpoint is the login handler itself, no credentials are needed to reach it; the affected-version data below indicates the issue is fixed in 6.0.1 and, for the 5.1.x line, in 5.1.4.
Severity ?
No CVSS vector available; the CNA record below rates the issue as "critical" (non-CVSS metric).
CWE
  • CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: Traffic Ops < 6.0.1 and 5.1.x < 5.1.4. Fixed in 5.1.4 and 6.0.1.
Credits
This issue was discovered by Apache Traffic Control user pupiles.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:55:28.477Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://trafficcontrol.apache.org/security/"
          },
          {
            "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
          },
          {
            "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
          },
          {
            "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.1",
              "status": "affected",
              "version": "Traffic Ops",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Apache Traffic Control user pupiles."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "critical"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-90",
              "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-17T12:06:08",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://trafficcontrol.apache.org/security/"
        },
        {
          "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
        },
        {
          "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
        },
        {
          "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "LDAP filter injection vulnerability in Traffic Ops",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-43350",
          "STATE": "PUBLIC",
          "TITLE": "LDAP filter injection vulnerability in Traffic Ops"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "6.0.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Traffic Ops",
                            "version_value": "5.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Apache Traffic Control user pupiles."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {
            "other": "critical"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://trafficcontrol.apache.org/security/",
              "refsource": "MISC",
              "url": "https://trafficcontrol.apache.org/security/"
            },
            {
              "name": "[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/11/3"
            },
            {
              "name": "[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/11/4"
            },
            {
              "name": "[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/11/17/1"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-43350",
    "datePublished": "2021-11-11T13:00:15",
    "dateReserved": "2021-11-03T00:00:00",
    "dateUpdated": "2024-08-04T03:55:28.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-42009 (GCVE-0-2021-42009)

Vulnerability from nvd – Published: 2021-10-12 07:40 – Updated: 2024-08-04 03:22
Summary
An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3.
Severity ?
No CVSS data available.
CWE
  • CWE-20 - Improper Input Validation
  • Email Injection Vulnerability
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: 4.0.0 through 5.1.2 (fixed in 5.1.3 and 6.0.0). The version range in the structured record below is malformed (its upper bound is the literal string "Apache Traffic Control*" and the legacy record uses "5.1.2 +1"); rely on the upgrade guidance in the description rather than on automated matching of this range.
Credits
This issue was discovered by GitHub's CodeQL code scanning service.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:25.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
          },
          {
            "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.0.0",
                  "status": "affected"
                }
              ],
              "lessThan": "Apache Traffic Control*",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Email Injection Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-13T23:06:11",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
        },
        {
          "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb%40%3Cdev.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87%40%3Cannounce.apache.org%3E"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Traffic Control Traffic Ops Email Injection Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-42009",
          "STATE": "PUBLIC",
          "TITLE": "Apache Traffic Control Traffic Ops Email Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "4.0.0"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.0.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "Apache Traffic Control",
                            "version_value": "5.1.2 +1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by GitHub\u0027s CodeQL code scanning service."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address. Apache Traffic Control 5.1.x users should upgrade to 5.1.3 or 6.0.0. 4.1.x users should upgrade to 5.1.3."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {}
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Email Injection Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/10/12/1"
            },
            {
              "name": "[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb@%3Cdev.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87@%3Cannounce.apache.org%3E"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "5.1.x users should upgrade to 5.1.3 or 6.0.0.\n4.1.x users should upgrade to 5.1.3."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-42009",
    "datePublished": "2021-10-12T07:40:11",
    "dateReserved": "2021-10-05T00:00:00",
    "dateUpdated": "2024-08-04T03:22:25.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-7670 (GCVE-0-2017-7670)

Vulnerability from nvd – Published: 2017-07-10 18:00 – Updated: 2024-09-16 17:52
Summary
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris-style Denial of Service attack. TCP connections made on the configured DNS port remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If enough such connections are held open indefinitely to match the size of the thread pool dedicated to processing DNS requests, the pool becomes exhausted. Once the thread pool is exhausted, Traffic Router cannot service any DNS request, regardless of transport protocol (UDP queries are affected as well, since they share the exhausted pool). The record lists no fixed version; only the affected releases are given.
Severity ?
No CVSS data available.
CWE
  • Denial of Service
Assigner
References
Impacted products
Vendor Product Version
Apache Software Foundation Apache Traffic Control Affected: 1.8.0 incubating
Affected: 2.0.0 RC0 incubating

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:12:27.852Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
          },
          {
            "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Control",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "1.8.0 incubating"
            },
            {
              "status": "affected",
              "version": "2.0.0 RC0 incubating"
            }
          ]
        }
      ],
      "datePublic": "2017-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-16T20:06:13",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0%40%3Cusers.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c%40%3Ccommits.trafficcontrol.apache.org%3E"
        },
        {
          "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8%40%3Ccommits.trafficcontrol.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2017-07-07T00:00:00",
          "ID": "CVE-2017-7670",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Control",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.8.0 incubating"
                          },
                          {
                            "version_value": "2.0.0 RC0 incubating"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is restarted. If connections remain in the ESTABLISHED state indefinitely and accumulate in number to match the size of the thread pool dedicated to processing DNS requests, the thread pool becomes exhausted. Once the thread pool is exhausted, Traffic Router is unable to service any DNS request, regardless of transport protocol."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/42b207e9f526353b504591684bd02a5e9fcb4b8f28534253d07740a0@%3Cusers.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/bb09fc29e9c2ee85b118a3d5748a8a523d30cf691ff8b606c6a1748c@%3Ccommits.trafficcontrol.apache.org%3E"
            },
            {
              "name": "[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r3c675031ac220b5eae64a9c84a03ee60045c6045738607dca4a96cb8@%3Ccommits.trafficcontrol.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2017-7670",
    "datePublished": "2017-07-10T18:00:00Z",
    "dateReserved": "2017-04-11T00:00:00",
    "dateUpdated": "2024-09-16T17:52:59.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}