Information security specialists reported the detection of two severe flaws in Apache Traffic Server (ATS), a modular, high-performance reverse proxy and forward proxy server, generally comparable to Nginx and Squid. As per the report, successful exploitation of these flaws would allow performing dangerous cyberattack variants.
Below are brief descriptions of the reported flaws and their respective tracking key and scores set by the Common Vulnerability Scoring System (CVSS).
CVE-2021-44759: A bug in TLS source validation would allow remote threat actors to perform Man-in-The-Middle (MiTM) attacks to evade the authentication process on affected deployments.
This is a medium-severity flaw and received a CVSS score of 6.4/10.
CVE-2021-44040: An insufficient validation when processing requests would allow remote threat actors to pass specially crafted input, thus performing denial of service (DoS) attacks.
The vulnerability received a CVSS score of 6.5/10.
According to the report, these flaws reside in all versions of Apache Traffic Server between v8.0.0 and v9.1.1.
Even though these issues could be exploited by remote threat actors using specially crafted data, there are no active exploitation reports known. Still, information security specialists recommend users of affected implementations patch their software as soon as possible.
Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.