claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2021-42013-apache-http-server.log

CVE-2021-42013 — Apache HTTP Server Path Traversal Vulnerability

2021-11-03 • CISA Known Exploited Vulnerability

[event] Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for CVE-2021-41773.

> AFFECTED SOFTWARE

Field Value
Vendor Apache
Product HTTP Server
CWE CWE-22
CVE ID CVE-2021-42013
Date Added 2021-11-03
Due Date 2021-11-17
Ransomware Campaign Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2021-11-17

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:15 UTC