You’re offline. This is a read only version of the page.

Welcome to the future of Business Support! I'm Trend Companion, your AI assistant ready to streamline your experience.

Log in for your personalized support! Chat with Trend Companion for quick answers, or submit a case for detailed troubleshooting.

Views:

All IMSVA versions are not impacted by this CVE because they don't use the module mod_http2.

Keywords: CVE-2020-9490 IMSVA, CVE-2020-9490 Interscan Messaging Security Virtual Appliance

Learn about CVE-2020-9490 and its impact to Interscan Messaging Security Virtual Appliance (IMSVA)

Product / Version includes:

Interscan Messaging Security Virtual Appliance 9.1

Last updated: 2025/05/08

Solution ID: KA-0011313

Category: Troubleshoot

Summary

Vulnerability information:

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.

References:

Red Hat Bugzilla – Bug 1866560
cve.mitre.org - CVE-2020-9490

All IMSVA versions are not impacted by this CVE because they don't use the module mod_http2.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Learn about CVE-2020-9490 and its impact to Interscan Messaging Security Virtual Appliance (IMSVA)

Learn about CVE-2020-9490 and its impact to Interscan Messaging Security Virtual Appliance (IMSVA)

Product / Version includes:

Summary