{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T21:45:10.725","vulnerabilities":[{"cve":{"id":"CVE-2024-38473","sourceIdentifier":"security@apache.org","published":"2024-07-01T19:15:04.657","lastModified":"2025-07-01T20:25:09.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue."},{"lang":"es","value":"El problema de codificación en mod_proxy en Apache HTTP Server 2.4.59 y versiones anteriores permite que las URL de solicitud con codificación incorrecta se envíen a servicios backend, lo que potencialmente evita la autenticación mediante solicitudes manipuladas. Se recomienda a los usuarios actualizar a la versión 2.4.60, que soluciona este problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-116"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.0","versionEndExcluding":"2.4.60","matchCriteriaId":"13126636-FD76-4E3E-B949-14A5082DE02A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*","matchCriteriaId":"A20333EE-4C13-426E-8B54-D78679D5DDB8"}]}]}],"references":[{"url":"https://httpd.apache.org/security/vulnerabilities_24.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20240712-0001/","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/07/01/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://httpd.apache.org/security/vulnerabilities_24.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20240712-0001/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}