VYPR
Unrated severityNVD Advisory· Published Jun 8, 2022· Updated Aug 3, 2024

mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism

CVE-2022-31813

Description

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

58

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.