•  Unit 4, 6-8 Herbert Street, St Leonards NSW 2065
  •  +02 9334 5600
  •   customercare@voiceplus.com.au
Portal Login
voiceplus_logo.png
  • Home
  • About Us
  • Contact Us
  • Blog
    • Blog

    VoicePlus Blog

    Critical Vulnerability in Certain Versions of Apache HTTP Server

    18 October 2021 by Australian Cyber Security Centre 0 Comments
    • Tweet

    A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

    Alert status: CRITICAL

    Background /What has happened?

    Vulnerabilities (CVE-2021-41773) and CVE-2021-42013) have been identified in Apache HTTP Server, one of the most commonly used web servers in Australia and globally across both Unix-based and Microsoft Windows environments. This vulnerability could allow a cyber actor to execute arbitrary code remotely or download sensitive files outside of the web server root. A cyber actor could use these vulnerabilities to install malware or otherwise control the affected host or download files containing credentials or other sensitive information. A new update has been released by the Apache Software Foundation (version 2.4.51) which addresses the vulnerabilities present in 2.4.49 and 2.4.50.

    The Apache Software Foundation has identified that this vulnerability is actively being exploited.

    Mitigation / How do I stay secure?

    Australian organisations who utilise Apache HTTP Server should review their patch level and update to the latest available version if required.

    Further details on the vulnerability and software updates are available from the Apache Software Foundation.

    Assistance / Where can I go for help?

    The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).

    • Tweet

    Our Services

    Enterprise

    • Atrium EndPoint
    • Telecom Expense Management
    • Mobile Device Management
    • 4G-5G Router - IOT

    Enterprise Outcomes

    • Cost Optimisation
    • Cost Visibility
    • Managed Mobility

    Latest Posts

    New call-to-action
    voiceplus_logo.png

    VoicePlus is your independent managed mobility and endpoint specialist. We combine our experience and technology to secure costs savings and optimise productivity for clients seeking better business outcome

    View Demo Arrow Right

    • Home
    • About
    • Privacy Policy
    • Modern Slavery

    Contact Us

    Find Us

    • linkedin
    • twitter
    • facebook
    •   Suite 902, 275 Alfred St. North Sydney NSW 2060
    •   +61 2 9334 5600
    •  customercare@voiceplus.com.au

    Latest From Blog

    Copyright © 2022. All Rights Reserved