CNNVD-202507-1516 Information

CNNVD ID

CNNVD-202507-1516

Related CVE

CVE-2025-49812

• CNNVD Published: 2025-07-10

Description (Chinese)

Apache HTTP Server是美国阿帕奇（Apache）基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.63及之前版本存在授权问题漏洞，该漏洞源于mod_ssl配置不当，可能导致HTTP会话劫持。

Description (English)

Apache HTTP Server is an open-source web server of the Apache Foundation in the United States. The server has a fast, reliable character and can be expanded through a simple API. There is a mandate gap in Apache HTTP Server 2.4.63 and earlier versions, which stems from the misconfiguration of the mod ssl, which could lead to the hijacking of HTTP sessions.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

阿帕奇

Published

2025-07-10

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-49812 https://access.redhat.com/security/cve/cve-2025-49812 https://vigilance.fr/vulnerability/Apache-

Patch

https://httpd.apache.org/download.cgi