Home Embedded Vulns General Vulns

CVE-2025-31698

HIGH 7.5

Our Analysis: General-Purpose

Our model has classified this vulnerability as relevant to General-Purpose Systems, helping your team prioritize efforts effectively.

Published Date June 19, 2025
Last Modified July 1, 2025
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by PROXY protocol.

Users can use a new setting (proxy.config.acl.subjects) to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. 
This issue affects undefined: from 10.0.0 through 10.0.6, from 9.0.0 through 9.2.10.

Users are recommended to upgrade to version 9.2.11 or 10.0.6, which fixes the issue.

Potentially Affected Vendors

apache