The host is installed with Apache HTTP Server 2.4.18 through 2.4.20 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a SSL client certificate validation. Successful exploitation could allow remote attackers to access resources protected by certificate authentication without providing a valid client certificate.