Fluid Attacks Database

Description

Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	modsecurity-apache	=2.9.3-3 \|\| =2.9.3-3+deb11u1 \|\| >=0 <2.9.3-3+deb11u2	2.9.3-3+deb11u2
debian 12	modsecurity-apache	>=0 <2.9.7-1	2.9.7-1
debian 13	modsecurity-apache	>=0 <2.9.7-1	2.9.7-1
debian 14	modsecurity-apache	>=0 <2.9.7-1	2.9.7-1
rpm rhel7	mod_security	-	-
rpm rhel8	mod_security	-	-
rpm rhel9	mod_security	-	-

Aliases

1. CVE-2023-240212. NVD-2023-240213. OSV-DEBIAN-2023-240214. OSV-2023-240215. SECURITY-TRACKER-CVE-2023-24021

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.