SBN

How RASP Protects Apache Servers from zero-day Path Traversal Attacks (CVE-2021-41773)

In late September of 2021, a path traversal and file disclosure vulnerability was disclosed and reported as CVE-2021-41773 in Apache HTTP Server version 2.4.29. Both Windows and Linux servers are affected.

This vulnerability, which occurs via remote code execution (RCE), exposes a path traversal bug and allows attackers to access and read arbitrary files on the server, including sensitive system files, source code, and more. This unauthorized access could not only leak confidential user data, but could provide the information needed to plan more additional zero-day or ransomware attacks in the future and lead to a full system compromise.

On October 4th, just days after it was originally reported, Apache released a fix with an update to 2.4.50, and urged users to deploy this patch. However upon further investigation, this patch was found to be insufficient resulting in an additional patch bumping the version number to 2.4.51 on October 7th (CVE-2021-42013). It is unclear whether or not the new patch has fully corrected the vulnerability.

Luckily, enterprises that have RASP protections installed on their servers already have protections available that prevent Path Traversal attacks, thereby safeguarding systems from vulnerabilities like CVE-2021-42013 and others like it.

To verify this protection is enabled in the suite of RASP security protections, simply navigate to the RASP Management Console and select the desired configuration file. Scroll through the various security protections until reaching the Path Traversal module, then update any settings as desired to adjust the security levels. The updated configuration file can be copied onto the server, and updated protections will be in effect within 60 seconds.

RASP can also be easily installed and configured on additional devices and servers as needed to offer full protection against these vulnerabilities and hackers, as Apache recognizes these vulnerabilities are being actively exploited by bad actors.

For more information, please contact RASP Technical Support at [email protected] or ask for a RASP demo via https://docs.imperva.com/bundle/rasp-overview/page/73763.htm

The post How RASP Protects Apache Servers from zero-day Path Traversal Attacks (CVE-2021-41773) appeared first on Blog.

*** This is a Security Bloggers Network syndicated blog from Blog authored by William Houcheime. Read the original post at: https://www.imperva.com/blog/how-rasp-protects-apache-servers-from-zero-day-path-traversal-attacks-cve-2021-41773/