When a vulnerability scanner detects the finding "Apache 2.4.x < 2.4.52 Multiple Vulnerabilities", it reports it with a CVSS v3 score of 9.8.
When a vulnerability scanner detects the finding "Apache 2.4.x < 2.4.53 Multiple Vulnerabilities", it reports it with a CVSS v3 score of 9.8.
CVSS:
CVSS is an industry-standard scoring system for vulnerabilities that marks each finding with a number ranging from 0 to 10. They are shown as:
The Vulnerability Information
The Apache software that causes this finding is installed and bundled by default with all Apple macOS devices, in all versions (Catalina, Big Sur, Monterey etc.).
The application is installed but is disabled by default and is not active. However, the manufacturer does not provide updates for this application along with the OS updates.
Remediation
For the purpose of Cyber Essentials Plus assessment, this vulnerability is not considered, as the manufacturer does not provide updates for it and it is disabled by default.
Command to disable Apache/httpd:
/bin/launchctl disable system/org.apache.httpd
Command to check whether Apache/httpd is enabled:
/bin/launchctl print-disabled system | /usr/bin/grep -c '"org.apache.httpd" => true'
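The check above as a small script, added here as an example and not part of the original article: it classifies the `launchctl print-disabled system` output as disabled, enabled or unlisted, because a grep count of 0 cannot tell the last two apart. The function name `httpd_state`, the constructed sample outputs, and the acceptance of `=> disabled` / `=> enabled` values alongside `=> true` / `=> false` are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article).
# httpd_state [label]: reads `launchctl print-disabled system` output on stdin
# and prints one of: disabled | enabled | unlisted
httpd_state() {
    label=${1:-org.apache.httpd}
    awk -v want="\"$label\"" '
        # Exact match on the quoted label, so longer labels sharing a prefix
        # are not counted.
        $1 == want && $2 == "=>" {
            if ($3 == "true" || $3 == "disabled")      state = "disabled"
            else if ($3 == "false" || $3 == "enabled") state = "enabled"
        }
        END { print (state == "" ? "unlisted" : state) }
    '
}

# Constructed sample outputs (not captured from a real machine).
sample_disabled='disabled services = {
    "com.apple.smbd" => true
    "org.apache.httpd" => true
}'
sample_enabled='disabled services = {
    "org.apache.httpd" => false
}'
sample_unlisted='disabled services = {
    "com.apple.smbd" => true
}'
# Assumption: some macOS releases print "disabled"/"enabled" instead of true/false.
sample_newer='disabled services = {
    "org.apache.httpd" => disabled
}'

# On a Mac, classify the live output; elsewhere, run on a constructed sample.
if [ -x /bin/launchctl ]; then
    /bin/launchctl print-disabled system | httpd_state
else
    printf '%s\n' "$sample_disabled" | httpd_state
fi
```

A result of `unlisted` means no explicit override is recorded for the service, so the scan evidence should note that rather than treat it as disabled.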