CVE-2024-56196

CVE-2024-56196: Apache Traffic Server: ACL is not fully compatible with older versions

Vendor Apache Software Foundation

Product Apache Traffic Server

Weakness CWE-284

Published March 6, 2025

Last update March 6, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 10.0.4, which fixes the issue.

Key dates

Disclosure timeline

March 6, 2025 CVE published

March 6, 2025 Record updated