Severity

Theme

CVE-2016-5387

HIGH

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.

References

http://www.kb.cert.org/vuls/id/797896

https://httpoxy.org/

https://www.apache.org/security/asf-httpoxy-response.txt

https://lists.fedoraproject.org/archives/list/[email protected]/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/

http://www.securitytracker.com/id/1036330

https://lists.fedoraproject.org/archives/list/[email protected]/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://rhn.redhat.com/errata/RHSA-2016-1650.html

http://rhn.redhat.com/errata/RHSA-2016-1648.html

http://rhn.redhat.com/errata/RHSA-2016-1649.html

http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html

https://access.redhat.com/errata/RHSA-2016:1635

http://rhn.redhat.com/errata/RHSA-2016-1625.html

https://access.redhat.com/errata/RHSA-2016:1422

https://access.redhat.com/errata/RHSA-2016:1851

https://access.redhat.com/errata/RHSA-2016:1421

https://access.redhat.com/errata/RHSA-2016:1420

http://www.securityfocus.com/bid/91816

https://lists.fedoraproject.org/archives/list/[email protected]/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/

https://lists.fedoraproject.org/archives/list/[email protected]/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/

http://www.ubuntu.com/usn/USN-3038-1

http://rhn.redhat.com/errata/RHSA-2016-1624.html

https://access.redhat.com/errata/RHSA-2016:1636

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

http://www.debian.org/security/2016/dsa-3623

https://security.gentoo.org/glsa/201701-36

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us

https://www.tenable.com/security/tns-2017-04

https://support.apple.com/HT208221

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rc998b18880df98bafaa[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2016-07-19

Updated: 2021-06-06

Type: CWE-284

Risk Information

CVSS v2

Base Score: 5.1

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 4.9

Severity: MEDIUM

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions up to 2.4.23 (inclusive)

Configuration 3

AND

cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

ID	Name	Product	Family	Severity
144302	IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.1 HTTP Redirect (548223)	Nessus	Web Servers	high
124922	EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)	Nessus	Huawei Local Security Checks	critical
700511	macOS < 10.13 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
98910	Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)	Web Application Scanning	Component Vulnerability	high
104379	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)	Nessus	MacOS X Local Security Checks	critical
103598	macOS < 10.13 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
101837	Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (July 2017 CPU) (httpoxy)	Nessus	Misc.	critical
101044	Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy)	Nessus	Misc.	high
99793	EulerOS 2.0 SP1 : httpd (EulerOS-SA-2016-1030)	Nessus	Huawei Local Security Checks	high
99134	macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy)	Nessus	MacOS X Local Security Checks	critical
97726	Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy)	Nessus	Misc.	medium
96516	GLSA-201701-36 : Apache: Multiple vulnerabilities (httpoxy)	Nessus	Gentoo Local Security Checks	high
96451	Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)	Nessus	Web Servers	high
96450	Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy)	Nessus	Web Servers	high
96090	Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2016-358-01) (httpoxy)	Nessus	Slackware Local Security Checks	high
96037	FreeBSD : Apache httpd -- several vulnerabilities (862d6ab3-c75e-11e6-9f98-20cf30e32f6d) (httpoxy)	Nessus	FreeBSD Local Security Checks	high
94654	HP System Management Homepage < 7.6 Multiple Vulnerabilities (HPSBMU03653) (httpoxy)	Nessus	Web Servers	high
93502	RHEL 6 / 7 : JBoss Core Services (RHSA-2016:1851) (httpoxy)	Nessus	Red Hat Local Security Checks	high
93295	SUSE SLES12 Security Update : apache2 (SUSE-SU-2016:2090-1) (httpoxy)	Nessus	SuSE Local Security Checks	high
9486	Apache HTTP Server 2.2.x < 2.2.32 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	medium
93119	RHEL 6 : JBoss Web Server (RHSA-2016:1649) (httpoxy)	Nessus	Red Hat Local Security Checks	high
93118	RHEL 7 : JBoss Web Server (RHSA-2016:1648) (httpoxy)	Nessus	Red Hat Local Security Checks	high
93065	openSUSE Security Update : apache2-mod_fcgid (openSUSE-2016-1005) (httpoxy)	Nessus	SuSE Local Security Checks	high
93044	RHEL 6 : Red Hat JBoss Web Server 3.0.3 Service Pack 1 (RHSA-2016:1636) (httpoxy)	Nessus	Red Hat Local Security Checks	high
93043	RHEL 7 : Red Hat JBoss Web Server 3.0.3 Service Pack 1 (RHSA-2016:1635) (httpoxy)	Nessus	Red Hat Local Security Checks	high
92806	Fedora 23 : perl-CGI-Emulate-PSGI (2016-a29c65b00f) (httpoxy)	Nessus	Fedora Local Security Checks	high
92801	Fedora 24 : perl-CGI-Emulate-PSGI (2016-683d0b257b) (httpoxy)	Nessus	Fedora Local Security Checks	high
92632	Debian DLA-568-1 : wordpress security update (httpoxy)	Nessus	Debian Local Security Checks	high
92593	Fedora 23 : httpd (2016-df0726ae26) (httpoxy)	Nessus	Fedora Local Security Checks	high
92539	HTTP_PROXY Environment Variable Namespace Collision Vulnerability (httpoxy)	Nessus	Web Servers	high
92536	Fedora 24 : httpd (2016-9fd9bfab9e) (httpoxy)	Nessus	Fedora Local Security Checks	high
92475	Debian DSA-3623-1 : apache2 - security update (httpoxy)	Nessus	Debian Local Security Checks	high
92474	Debian DLA-553-1 : apache2 security update (httpoxy)	Nessus	Debian Local Security Checks	high
92472	Amazon Linux AMI : httpd24 / httpd (ALAS-2016-725) (httpoxy)	Nessus	Amazon Linux Local Security Checks	high
92449	openSUSE Security Update : apache2 (openSUSE-2016-880) (httpoxy)	Nessus	SuSE Local Security Checks	high
92409	Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : apache2 vulnerability (USN-3038-1) (httpoxy)	Nessus	Ubuntu Local Security Checks	high
92404	Scientific Linux Security Update : httpd on SL7.x x86_64 (20160718) (httpoxy)	Nessus	Scientific Linux Local Security Checks	high
92403	Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20160718) (httpoxy)	Nessus	Scientific Linux Local Security Checks	high
92399	RHEL 7 : httpd (RHSA-2016:1422) (httpoxy)	Nessus	Red Hat Local Security Checks	high
92398	RHEL 5 / 6 : httpd (RHSA-2016:1421) (httpoxy)	Nessus	Red Hat Local Security Checks	high
92397	Oracle Linux 7 : httpd (ELSA-2016-1422) (httpoxy)	Nessus	Oracle Linux Local Security Checks	high
92396	Oracle Linux 5 / 6 : httpd (ELSA-2016-1421) (httpoxy)	Nessus	Oracle Linux Local Security Checks	high
92379	CentOS 7 : httpd (CESA-2016:1422) (httpoxy)	Nessus	CentOS Local Security Checks	high
92378	CentOS 5 / 6 : httpd (CESA-2016:1421) (httpoxy)	Nessus	CentOS Local Security Checks	high

CVE-2016-5387

HIGH

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Tenable Plugins

high

critical

critical

high

critical

critical

critical

high

high

critical

medium

high

high

high

high

high

high

high

high

medium

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high