VIR Vulnerability Intelligence Relay

CVE-2014-3525

critical
Published 2014-08-22 · Modified 2026-05-06
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-3525

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed5.0.1-1
debian debianbullseyefixed5.0.1-1
debian debiansidfixed5.0.1-1

Application impact
VendorProductVersionsFixed
apache apachetraffic_server2.0.0
apache apachetraffic_server2.0.1
apache apachetraffic_server2.1.0
apache apachetraffic_server2.1.1
apache apachetraffic_server2.1.2
apache apachetraffic_server2.1.3
apache apachetraffic_server2.1.4
apache apachetraffic_server2.1.5
apache apachetraffic_server2.1.6
apache apachetraffic_server2.1.7
apache apachetraffic_server2.1.8
apache apachetraffic_server2.1.9
apache apachetraffic_server3.0.0
apache apachetraffic_server3.0.1
apache apachetraffic_server3.0.2
apache apachetraffic_server3.0.3
apache apachetraffic_server3.0.4
apache apachetraffic_server3.1.0
apache apachetraffic_server3.1.1
apache apachetraffic_server3.1.2
apache apachetraffic_server3.1.3
apache apachetraffic_server3.1.4
apache apachetraffic_server3.2.0
apache apachetraffic_server3.3.0
apache apachetraffic_server3.3.1
apache apachetraffic_server3.3.2
apache apachetraffic_server3.3.3
apache apachetraffic_server3.3.4
apache apachetraffic_server3.3.5
apache apachetraffic_server4.0.1
apache apachetraffic_server4.1.0
apache apachetraffic_server4.2.0
apache apachetraffic_server4.2.1
apache apachetraffic_server5.0.0

References

Verify integrity in audit chain (admin only). AS-IS.