Vulnerability Details CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server.
This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.
Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.6%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-56202
-
cpe:2.3:a:apache:traffic_server:10.0.0
-
cpe:2.3:a:apache:traffic_server:10.0.1
-
cpe:2.3:a:apache:traffic_server:10.0.2
-
cpe:2.3:a:apache:traffic_server:10.0.3
-
cpe:2.3:a:apache:traffic_server:9.0.0
-
cpe:2.3:a:apache:traffic_server:9.0.1
-
cpe:2.3:a:apache:traffic_server:9.0.2
-
cpe:2.3:a:apache:traffic_server:9.1.0
-
cpe:2.3:a:apache:traffic_server:9.1.1
-
cpe:2.3:a:apache:traffic_server:9.1.2
-
cpe:2.3:a:apache:traffic_server:9.1.3
-
cpe:2.3:a:apache:traffic_server:9.1.4
-
cpe:2.3:a:apache:traffic_server:9.2.0
-
cpe:2.3:a:apache:traffic_server:9.2.1
-
cpe:2.3:a:apache:traffic_server:9.2.2
-
cpe:2.3:a:apache:traffic_server:9.2.3
-
cpe:2.3:a:apache:traffic_server:9.2.4
-
cpe:2.3:a:apache:traffic_server:9.2.5
-
cpe:2.3:a:apache:traffic_server:9.2.6
-
cpe:2.3:a:apache:traffic_server:9.2.7
-
cpe:2.3:a:apache:traffic_server:9.2.8