CVE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content
Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing.
Learn more about our Cis Benchmark Audit For Apache Http Server.
Learn more about our Cis Benchmark Audit For Apache Http Server.