Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Apache HTTP Server Vulnerabilities (CVE-2021-41773 & CVE-2021-42013)

Picture of Cyrus Robinson Cyrus Robinson : Oct 22, 2021 12:00:00 AM

Cybersecurity Advisory Cybersecurity Controls

These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these vulnerabilities.


Affected Software / System

Apache HTTP Server version 2.4.49 and 2.4.50.


CVE (if applicable)

  • CVE-2021-41773 & CVE-2021-42013


Type

Path traversal vulnerability with remote code execution is possible for both CVEs.


Exploit Status: 

These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these vulnerabilities.


Rating

CVE-2021-41773: “High” severity with a CVSS 3.0 rating of 7.5.
CVE-2021-42013: “Critical” severity with a CVSS 3.0 rating of 9.8.


Vulnerability Summary

CVE-2021-41773 is a vulnerability that enables actors to map URLs to files outside the expected document root by launching a path traversal attack. Attacks that exploit this vulnerability could potentially access files containing sensitive information. Additionally, there are reports of researchers who were able to leverage this vulnerability to execute remote code on the server.

CVE-2021-42013 is the result of Apache HTTP Server 2.4.50 being ineffective in fixing the vulnerability identified in version 2.4.49. This vulnerability is also the result of a path traversal vulnerability with remote code execution possible. This vulnerability affects 2.4.49 and 2.4.50.


Impact

Path traversal attacks involve sending requests to access backend or sensitive server directories that should be out of reach. Normally, these requests are blocked, but in this case, the filters are bypassed by using encoded characters. The vulnerabilities have been fixed in the most recent version of Apache (2.4.51).


Mitigation

Apache has provided an update to address these issues (version 2.4.51).


Ingalls recommends the following actions:

Organizations that currently use Apache HTTP Server Version 2.4.49 or 2.4.50 should upgrade to version 2.4.51 as soon as possible.
Log4Shell - Log4j Vulnerability (CVE-2021-44228)

Log4Shell - Log4j Vulnerability (CVE-2021-44228)

Dec 15, 2021 12:00:00 AM

Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and...

Read More
PrintNightmare Vulnerability (CVE-2021-1675)

PrintNightmare Vulnerability (CVE-2021-1675)

Jul 1, 2021 12:00:00 AM

CVE-2021-1675(akaPrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675as

Read More
Critical Patches Issued for Microsoft Products, June 09, 2020

Critical Patches Issued for Microsoft Products, June 09, 2020

Jun 15, 2020 12:00:00 AM

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful...

Read More