How to fix CVE-2024-47252?

Within 24 hours: Identify all Apache HTTP Server instances running version 2.4.63 or earlier with CustomLog directives using SSL variables (%{varname}x or %{varname}c). Within 7 days: Implement compensating controls by disabling SSL variable logging if not operationally critical, or restrict untrusted client connections via network segmentation. Within 30 days: Monitor vendor security advisories for patch availability and prepare upgrade testing in non-production environments; establish log monitoring for suspicious escape character patterns as interim detection.

Is Tls affected by CVE-2024-47252?

Apache HTTP Server versions 2.4.63 and earlier contain a log injection vulnerability that allows attackers to manipulate server log files by injecting escape characters through SSL/TLS connections.

CVE-2024-47252

EUVD-2024-54773 HIGH

2025-07-10 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 16, 2026 - 06:52 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 06:52 euvd

EUVD-2024-54773

CVE Published

Jul 10, 2025 - 17:15 nvd

HIGH 7.5

Description

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

Analysis

CVE-2024-47252 is a security vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Technical Context

Vulnerability type not specified by vendor. CVSS 7.5 indicates high severity.

Affected Products

['Unspecified product']

Remediation

Monitor vendor channels for patch availability.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +38

POC: 0

Vendor Status

Ubuntu

Priority: Medium

apache2

Release	Status	Version
trusty	needs-triage	-
upstream	released	2.4.64-1
jammy	released	2.4.52-1ubuntu4.15
noble	released	2.4.58-1ubuntu8.7
plucky	released	2.4.63-1ubuntu1.1
bionic	released	2.4.29-1ubuntu4.27+esm6
focal	released	2.4.41-4ubuntu3.23+esm2
xenial	released	2.4.18-2ubuntu3.17+esm16
questing	released	2.4.64-1ubuntu2

USN-7639-1 USN-7639-2

Debian

apache2

Release	Status	Fixed Version	Urgency
bullseye	fixed	2.4.65-1~deb11u1	-
bullseye (security)	fixed	2.4.66-1~deb11u1	-
bookworm	fixed	2.4.65-1~deb12u1	-
bookworm (security)	vulnerable	2.4.62-1~deb12u2	-
trixie	fixed	2.4.66-1~deb13u2	-
forky, sid	fixed	2.4.66-8	-
(unstable)	fixed	2.4.64-1	-

DLA-4270-1

CVE-2024-47252 vulnerability details – vuln.today

Back

CVE-2024-47252

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

CVE-2024-47252

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

External POC / Exploit Code