CVE-2024-50306

Summary

Unchecked return value can allow Apache Traffic Server to retain privileges on startup.

This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1.

Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Traffic Server9.2.0 <= 9.2.5affected
Apache Software FoundationApache Traffic Server10.0.0 <= 10.0.1affected

Weaknesses

  • CWE-252: CWE-252 Unchecked Return Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References