CVE-2023-33933
Apache Traffic Server: s3_auth plugin problem with hash calculation
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
We have discovered 598 live websites that are affected by CVE-2023-33933.
Affected Software
| Product |  ATS |
| Category | Web Servers |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 41 |
| Vulnerable Domains | 598 live websites (35.57% of ATS install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-33933 and the relative popularity of websitesDetails
- Published - Jun 14, 2023
- Updated - Jun 14, 2023
Credits
- Masakazu Kitajo (reporter)
CWE
CVE References
CWE References
Countries
 United States | 289 websites |
 Germany | 200 websites |
 Italy | 31 websites |
 GB | 18 websites |
 France | 15 websites |
 Finland | 11 websites |
 Russia | 10 websites |
 Netherlands | 7 websites |
 Japan | 4 websites |
 Belgium | 3 websites |
TLDs
| .org | 278 websites |
| .info | 91 websites |
| .com | 53 websites |
| .it | 21 websites |
| .de | 19 websites |
| .ru | 10 websites |
| .fi | 9 websites |
| .net | 4 websites |
| .nl | 3 websites |
| .edu | 2 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2023-33933 through included software libraries and plugins.References
- https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
- https://www.debian.org/security/2023/dsa-5435
- https://lists.fedoraproject.org/archives/list/[email protected]/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
- https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
Websites affected by CVE-2023-33933
Top websites that are affected by CVE-2023-33933. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **.*********.org | United States | ** | |
| *******.*********.org | United States | *** | |
| ***.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** | |
| **.*.*********.org | United States | *,*** | |
| ****.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** | |
| **.*********.org | United States | *,*** |