Skip to main content

Http Server CVE-2024-42516

| EUVD-2024-54775 HIGH
Improper Input Validation (CWE-20)
2025-07-10 security@apache.org
Apache Information Disclosure Http Server Red Hat Suse
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Ubuntu
MEDIUM
qualitative
SUSE
HIGH
qualitative
Red Hat
6.8 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 16, 2026 - 06:52 euvd
EUVD-2024-54775
Analysis Generated
Mar 16, 2026 - 06:52 vuln.today
CVE Published
Jul 10, 2025 - 17:15 nvd
HIGH 7.5

DescriptionCVE.org

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.

This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.

Users are recommended to upgrade to version 2.4.64, which fixes this issue.

AnalysisAI

HTTP response splitting vulnerability in Apache HTTP Server core allows network-based attackers without authentication to inject arbitrary HTTP headers and content into responses by manipulating Content-Type headers in proxied or hosted applications, potentially enabling cache poisoning, session hijacking, or XSS attacks. Affects Apache HTTP Server versions prior to 2.4.64, with a critical note that the initial patch in 2.4.59 was incomplete. This is a regression/incomplete fix of CVE-2023-38709, indicating patch evasion and suggesting active exploitation interest.

Technical ContextAI

HTTP response splitting (CWE-20: Improper Input Validation) occurs when attacker-controlled data is insufficiently sanitized before being included in HTTP response headers. In this case, the vulnerability exists in Apache HTTP Server's core handling of Content-Type response headers. The server fails to properly validate or sanitize header values, allowing an attacker to inject CRLF (carriage return/line feed) sequences into the Content-Type header, which terminates the header section and allows injection of arbitrary additional headers or response body content. This affects the HTTP/1.1 protocol implementation (CVE-2023-38709 correlation indicates a long-standing issue). The incomplete patch in version 2.4.59 demonstrates that input validation filtering was insufficient, requiring more comprehensive header sanitization in 2.4.64. Affected CPE likely includes cpe:2.3:a:apache:http_server:2.4.0:through:2.4.63:*:*:*:*:*:*

RemediationAI

patch: Upgrade to Apache HTTP Server version 2.4.64 or later immediately; details: This version includes the complete fix for HTTP response splitting in Content-Type header handling interim_mitigation: Implement mod_security or similar WAF rules to sanitize responses; details: Filter or block responses containing suspicious CRLF sequences in headers; monitor for header injection patterns interim_mitigation: Restrict proxied backend applications; details: Limit proxying to trusted internal services; sanitize all backend responses at the application layer if possible interim_mitigation: Implement response header validation; details: Use Apache directives to strip or rewrite potentially dangerous Content-Type header values if patch cannot be deployed immediately configuration: Review and harden Content-Type header policies; details: Ensure applications set explicit, safe Content-Type values and do not echo user input into response headers

Vendor StatusVendor

Ubuntu

Priority: Medium
apache2
Release Status Version
trusty needs-triage -
upstream released 2.4.64-1
jammy released 2.4.52-1ubuntu4.15
noble released 2.4.58-1ubuntu8.7
plucky released 2.4.63-1ubuntu1.1
bionic released 2.4.29-1ubuntu4.27+esm6
focal released 2.4.41-4ubuntu3.23+esm2
xenial released 2.4.18-2ubuntu3.17+esm16
questing released 2.4.64-1ubuntu2
USN-7639-1 USN-7639-2

Debian

apache2
Release Status Fixed Version Urgency
bullseye fixed 2.4.65-1~deb11u1 -
bullseye (security) fixed 2.4.66-1~deb11u1 -
bookworm fixed 2.4.65-1~deb12u1 -
bookworm (security) vulnerable 2.4.62-1~deb12u2 -
trixie fixed 2.4.66-1~deb13u2 -
forky, sid fixed 2.4.66-8 -
(unstable) fixed 2.4.64-1 -
DLA-4270-1

SUSE

Severity: High
Product Status
Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.10 Image SLES15-SP4-Manager-Proxy-4-3-BYOS Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE Image SLES15-SP4-SAP Image SLES15-SP4-SAP-Azure Image SLES15-SP4-SAP-EC2 Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAPCAL Image SLES15-SP4-SAPCAL-Azure Image SLES15-SP4-SAPCAL-EC2 Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-EC2 Image SLES15-SP5-SAPCAL-GCE Affected
Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.1.7.26.2 Container suse/manager/5.0/x86_64/server:5.0.5.1.7.33.2 Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure Image SLES15-SP6-SAP-EC2 Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-Azure Image SLES15-SP6-SAPCAL-EC2 Image SLES15-SP6-SAPCAL-GCE Affected
Container suse/multi-linux-manager/5.1/x86_64/proxy-httpd:5.1.1.8.9.2 Container suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker:5.1.2.9.13.2 Container suse/multi-linux-manager/5.1/x86_64/server:5.1.1.8.7.1 Image SLES15-SP7-SAPCAL-Azure Image SLES15-SP7-SAPCAL-EC2 Image SLES15-SP7-SAPCAL-GCE Image proxy-httpd-image Image server-image Affected
SUSE Enterprise Storage 7.1 Fixed
SUSE Linux Enterprise Desktop 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP6 Fixed

Share

CVE-2024-42516 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy