Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2012-4557

Published: Nov 30, 2012 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
LOW
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2012-4557
CWEhttps://cwe.mitre.org/data/definitions/399.html

The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.

Affected Software

NameVendorStart VersionEnd Version
Http_serverApache2.2.12 (including)2.2.12 (including)
Http_serverApache2.2.13 (including)2.2.13 (including)
Http_serverApache2.2.14 (including)2.2.14 (including)
Http_serverApache2.2.15 (including)2.2.15 (including)
Http_serverApache2.2.16 (including)2.2.16 (including)
Http_serverApache2.2.17 (including)2.2.17 (including)
Http_serverApache2.2.18 (including)2.2.18 (including)
Http_serverApache2.2.19 (including)2.2.19 (including)
Http_serverApache2.2.20 (including)2.2.20 (including)
Http_serverApache2.2.21 (including)2.2.21 (including)
JBEWS 1.0 for RHEL 4RedHatant-0:1.7.1-13.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatantlr-0:2.7.7-7.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatbcel-0:5.2-8.1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatcglib-0:2.2-5.1.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatdom4j-0:1.6.1-11.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatecj-1:3.3.1.1-3.2.2.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatglassfish-jaf-0:1.1.0-6.1.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatglassfish-javamail-0:1.4.2-0.4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatglassfish-jsf-0:1.2_13-2.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathibernate3-1:3.3.2-1.5.GA_CP04.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathibernate3-annotations-0:3.4.0-3.3.GA_CP04.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathibernate3-commons-annotations-0:3.1.0-1.8.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathibernate3-ejb-persistence-3.0-api-1:1.0.2-3.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el4*
JBEWS 1.0 for RHEL 4RedHathttpd22-0:2.2.17-14.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-beanutils-0:1.8.0-4.1.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-chain-0:1.2-2.2.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-codec-0:1.3-9.1.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-collections-0:3.2.1-4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-daemon-1:1.0.5-1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-dbcp-0:1.2.1-16.4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-el-0:1.0-19.2.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-fileupload-1:1.1.1-7.4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-httpclient-1:3.1-1.1.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-launcher-0:1.1-4.6.1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-modeler-0:2.0-4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-commons-validator-0:1.3.1-7.5.1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-oro-0:2.0.8-3.3.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjakarta-taglibs-standard-0:1.1.1-9.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjavassist-0:3.12.0-1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjboss-common-core-0:2.2.17-1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjboss-common-logging-jdk-0:2.1.2-1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjboss-common-logging-spi-0:2.1.2-1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjboss-javaee-0:5.0.1-2.9.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjcommon-0:1.0.16-1.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatjfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatlog4j-0:1.2.14-18.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatmod_cluster-0:1.0.10-2.GA_CP01.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatmod_cluster-native-0:1.0.10-2.GA_CP01.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatmod_jk-0:1.2.31-1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatmx4j-1:3.0.1-9.3.4.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatobjectweb-asm-0:3.1-5.3.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatregexp-0:1.5-1.2.1.jdk6.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatstruts12-0:1.2.9-3.ep5.el4*
JBEWS 1.0 for RHEL 4RedHattomcat5-0:5.5.33-14_patch_04.ep5.el4*
JBEWS 1.0 for RHEL 4RedHattomcat6-0:6.0.32-15_patch_03.ep5.el4*
JBEWS 1.0 for RHEL 4RedHattomcat-jkstatus-ant-0:1.2.31-2.ep5.el4*
JBEWS 1.0 for RHEL 4RedHattomcat-native-0:1.1.20-2.0.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatxalan-j2-0:2.7.1-5.3_patch_04.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatxerces-j2-0:2.9.1-3.patch01.1.ep5.el4*
JBEWS 1.0 for RHEL 4RedHatxml-commons-1:1.3.04-7.12.ep5.el4*
Red Hat Enterprise Linux 6RedHathttpd-0:2.2.15-26.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatant-0:1.7.1-13.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatantlr-0:2.7.7-7.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatcglib-0:2.2-5.1.1.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatdom4j-0:1.6.1-11.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatecj3-1:3.3.1.1-3.1.1.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatglassfish-jsf-0:1.2_13-3.1.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathibernate3-1:3.3.2-1.4.GA_CP04.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathibernate3-annotations-0:3.4.0-3.2.GA_CP04.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathibernate3-commons-annotations-0:3.1.0-1.8.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathibernate3-ejb-persistence-3.0-api-1:1.0.2-3.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathibernate3-entitymanager-0:3.4.0-4.3.GA_CP04.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHathttpd-0:2.2.17-11.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-beanutils-0:1.8.0-4.1.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-chain-0:1.2-2.2.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-codec-0:1.3-9.2.1.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-collections-0:3.2.1-4.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-daemon-1:1.0.5-1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-dbcp-0:1.2.1-16.4.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-digester-0:1.8.1-8.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-fileupload-1:1.1.1-7.4.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-httpclient-1:3.1-1.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-io-0:1.4-1.3.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-logging-0:1.1.1-0.4.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-logging-jboss-0:1.1-10.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-pool-0:1.3-11.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-commons-validator-0:1.3.1-7.5.2.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-oro-0:2.0.8-3.3.2.1.1.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjakarta-taglibs-standard-0:1.1.1-9.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjavassist-0:3.12.0-1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjboss-common-core-0:2.2.17-1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjboss-common-logging-jdk-0:2.1.2-1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjboss-common-logging-spi-0:2.1.2-1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjboss-javaee-0:5.0.1-2.9.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjcommon-0:1.0.16-1.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatjfreechart-0:1.0.13-2.3.2.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatmod_cluster-0:1.0.10-2.1.GA_CP01.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatmod_cluster-native-0:1.0.10-2.1.GA_CP01.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatmod_jk-0:1.2.31-1.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatobjectweb-asm-0:3.1-5.3.1.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatstruts12-0:1.2.9-3.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHattomcat5-0:5.5.33-16_patch_04.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHattomcat6-0:6.0.32-15.1_patch_03.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHattomcat-jkstatus-ant-0:1.2.31-2.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHattomcat-native-0:1.1.20-2.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatxalan-j2-0:2.7.1-5.3_patch_04.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatxerces-j2-0:2.9.1-3.patch01.1.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 5RedHatxml-commons-0:1.3.04-7.10.jdk6.ep5.el5*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatant-0:1.7.1-14.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatantlr-0:2.7.7-7.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatcglib-0:2.2-5.4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatdom4j-0:1.6.1-11.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatecj3-1:3.3.1.1-4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatglassfish-jsf-0:1.2_13-3.1.4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathibernate3-1:3.3.2-1.8.GA_CP04.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathibernate3-annotations-0:3.4.0-3.5.GA_CP04.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathibernate3-commons-annotations-0:3.1.0-1.8.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathibernate3-ejb-persistence-3.0-api-1:1.0.2-3.3.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathibernate3-entitymanager-0:3.4.0-4.4.GA_CP04.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHathttpd-0:2.2.17-11.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-beanutils-0:1.8.0-9.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-chain-0:1.2-2.2.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-codec-0:1.3-12.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-collections-0:3.2.1-4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-daemon-1:1.0.5-1.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-daemon-jsvc-1:1.0.5-1.4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-dbcp-0:1.2.1-16.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-digester-0:1.8.1-8.1.1.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-fileupload-1:1.1.1-7.5.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-httpclient-1:3.1-1.2.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-io-0:1.4-4.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-logging-0:1.1.1-1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-logging-jboss-0:1.1-10.2.2.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-pool-0:1.3-15.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-commons-validator-0:1.3.1-7.5.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-oro-0:2.0.8-7.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjakarta-taglibs-standard-0:1.1.1-12.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjavassist-0:3.12.0-3.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjboss-common-core-0:2.2.17-1.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjboss-common-logging-jdk-0:2.1.2-1.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjboss-common-logging-spi-0:2.1.2-1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjboss-javaee-0:5.0.1-2.9.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjcommon-0:1.0.16-1.2.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatjfreechart-0:1.0.13-2.3.2.1.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatmod_cluster-0:1.0.10-2.2.GA_CP01.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatmod_cluster-native-0:1.0.10-2.1.1.GA_CP01.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatmod_jk-0:1.2.31-1.1.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatobjectweb-asm31-0:3.1-12.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatstruts12-0:1.2.9-3.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHattomcat5-0:5.5.33-15_patch_04.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHattomcat6-0:6.0.32-14_patch_03.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHattomcat-jkstatus-ant-0:1.2.31-2.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHattomcat-native-0:1.1.20-2.1.2.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatxalan-j2-0:2.7.1-5.3_patch_04.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatxerces-j2-0:2.9.1-8.patch01.1.ep5.el6*
Red Hat JBoss Enterprise Web Server 1 for RHEL 6RedHatxml-commons-0:1.3.04-7.14.ep5.el6*
Red Hat JBoss Web Server 1.0RedHat*
Apache2Ubuntuhardy*
Apache2Ubuntulucid*
Apache2Ubuntuoneiric*
Apache2Ubuntuupstream*

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use