One of the many tasks under my scope is patching of vulnerabilities on macOS systems. Recently every single machine has been flagged for having a vulnerable version of "httpd" to which there doesn't appear to be a path toward remediation aside from upgrading to Big Sur.
Alternatively I have been digging through options to see whether I could create an extension attribute which would check and alert me of any systems that have apache running. Sadly all command line options seem to be a dead end as the likely option of running "sudo apachectl status" will just return the following "Go to http://localhost:80/server-status in the web browser of your choice.
Note that mod_status must be enabled for this to work."
Has anyone else had to deal with addressing this vulnerability, and how have you gone about remediating the issue?
Apache 2.4.x < 2.4.46 Multiple Vulnerabilities
(Report on Tenable's website regarding the vulnerability)
https://www.tenable.com/plugins/nessus/139574
Upgrade or Remove Apache Web Server - macOS Catalina
(Thread on Apple's Discussion board of someone in the same boat)
https://discussions.apple.com/thread/252669979
macOS Catalina how to upgrade the Apache httpd
(Another thread on Apple's Discussion board of someone in the same boat)
https://discussions.apple.com/thread/252546898
