Newly discovered vulnerability on Apache HTTPD Web Server.
URL https://cybernews.com/news/apache-found-critical-bugs-in-httpd-web-server/
Vapp 14.3 14.4
For C8/14.4 and 14.4.1 uses Apache/2.4.37, mod_lua is enabled and a fix has been provided for both versions
CVE-2021-44790 Vulnerable. mod_lua is enabled.
1) For 14.4.0-Centos8(v2) - HF-DE524026-20211224-0001.tgz.gpg
2) For 14.4.1-Centos8(v2) - HF_VA-14.4.1-20211103100124-DE500001-0001.tgz.gpg
CVE-2021-44224 Not vulnerable. VApp proxy uses a reverse proxy configuration.
For C6/14.2/14.3/14.4 uses Apache/2.2.15, mod_lua was not applicable
CVE-2021-44790 Not Vulnerable. mod_lua is not applicable.
CVE-2021-44224 Not vulnerable. VApp proxy uses a reverse proxy configuration.
mod_lua was compatible with Apache 2.3 and later, please refer to the link below
https://httpd.apache.org/docs/trunk/mod/mod_lua.html
Reference
Defect DE524026