VYPR
Critical severity9.8NVD Advisory· Published Mar 26, 2018· Updated Jun 17, 2026

CVE-2018-1312

CVE-2018-1312

Description

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17

Patches

Vulnerability mechanics

References

29

News mentions

0

No linked articles in our index yet.