The host is installed with Apache Http Server 2.2.0 through 2.2.34 or 2.4.0 through 2.4.29 and is prone to an improper authentication vulnerability. A flaw is present in the application, which fails to handle issues in mod_auth_digest. Successful exploitation could allow remote attackers to replay HTTP requests across servers without detection.