Vulnerability affects Apache installations that operate in reverse proxy mode. Researchers from Qualys warn that if certain rules are not configured correctly, attackers can trick servers into performing unauthorized requests to access internal resources. Red Hat senior software engineer Joe Orton proposed a patch that is currently being reviewed by the other developers. The Apache developers are aware of the problem and are currently discussing the best method of fixing it. One possibility would be to strengthen the previous patch in the server code in order to reject such requests, but there’s no certainty that other bypass methods won’t be discovered.”]