NVD Vulnerability Detail

CVE-2024-38475

Summary	Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained.
Publication Date	July 2, 2024, 4:15 a.m.
Registration Date	July 2, 2024, 10 a.m.
Last Update	Nov. 21, 2024, 6:26 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://httpd.apache.org/security/vulnerabilities_24.html
2	https://security.netapp.com/advisory/ntap-20240712-0001/
3	https://www.blackhat.com/us-24/briefings/schedule/index.html#confusion-attacks-exploiting-hidden-semantic-ambiguity-in-apache-http-server-pre-recorded-40227
4	https://security.netapp.com/advisory/ntap-20240712-0001/
5	http://www.openwall.com/lists/oss-security/2024/07/01/8
6	https://github.com/apache/httpd/commit/9a6157d1e2f7ab15963020381054b48782bc18cf
7	https://httpd.apache.org/security/vulnerabilities_24.html

Common Vulnerabilities List

JVN Vulnerability Information

Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品におけるエンコードおよびエスケープに関する脆弱性

Title	Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品におけるエンコードおよびエスケープに関する脆弱性
Summary	Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品には、エンコードおよびエスケープに関する脆弱性が存在します。
Possible impacts	攻撃者により、リモートでコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 1, 2024, midnight
Registration Date	May 7, 2025, 10:30 a.m.
Last Update	May 7, 2025, 10:30 a.m.

Affected System

Apache Software Foundation

Apache HTTP Server 2.4.0 以上 2.4.60 未満

NetApp

ONTAP 9

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-38475	https://www.cve.org/CVERecord?id=CVE-2024-38475
National Vulnerability Database (NVD)
2	CVE-2024-38475	https://nvd.nist.gov/vuln/detail/CVE-2024-38475

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-116	https://cwe.mitre.org/data/definitions/116.html

ベンダー情報

No	Name	URL
Apache httpd 2.4 vulnerabilities
1	important: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (CVE-2024-38475)	https://httpd.apache.org/security/vulnerabilities_24.html
NetApp Advisory
2	NTAP-20240712-0001	https://security.netapp.com/advisory/ntap-20240712-0001/

その他

No	Name	URL
CISA Known Exploited Vulnerabilities Catalog
1	CISA Adds Two Known Exploited Vulnerabilities to Catalog	https://www.cisa.gov/news-events/alerts/2025/05/01/cisa-adds-two-known-exploited-vulnerabilities-catalog
JVN
2	JVNVU#97151944	https://jvn.jp/vu/JVNVU97151944/
関連文書
3	github.com (9a6157d1e2f7ab15963020381054b48782bc18cf)	https://github.com/apache/httpd/commit/9a6157d1e2f7ab15963020381054b48782bc18cf
4	www.blackhat.com (index.html#confusion-attacks-exploiting-hidden-semantic-ambiguity-in-apache-http-server-pre-recorded-40227)	https://www.blackhat.com/us-24/briefings/schedule/index.html#confusion-attacks-exploiting-hidden-semantic-ambiguity-in-apache-http-server-pre-recorded-40227
5	www.openwall.com (oss-security/2024/07/01/8)	http://www.openwall.com/lists/oss-security/2024/07/01/8

Change Log

No	Changed Details	Date of change
1	[2025年05月07日] 掲載	May 7, 2025, 10:30 a.m.