The host is installed with Apache HTTP Server 2.4.x through 2.4.37 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the mod_session expiry time check issue. Successful exploitation could allow attackers to ignore session expiry time and gain access to the application.