Nessus reports High Vulnerability, Apache < 2.4.54 and OpenSSL < 1.1.1o

RichardW · June 21, 2022

Hi,
I've recently been running Nessus reports against our PCI platform and a couple of results have show up regard Apache Proxy
OpenSSL 1.1.1 < 1.1.1o Vulnerability | Tenable®
Apache 2.4.x < 2.4.54 Multiple Vulnerabilities | Tenable®
One is classed as Critical the other High

Currently I'm on Apache proxy 2.4.53 which seems to be the latest from the main Eset download page
are there any plans to switch to 2.4.54 any time soon? since I think that would fix at least one of them.
Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project

Marcos · June 21, 2022

The vulnerable component is not present in ESET's configuration of the Apache HTTP Proxy.

Recommended Posts