CVE-2016-8743

Severity: high (calculated from the CVSS v3 score; the CVSS v2 score below rates it medium)

Description

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace it accepted in request lines and headers and in what it sent in response lines and headers. That tolerance is a security concern wherever httpd participates in a chain of proxies or talks to back-end application servers, through mod_proxy or conventional CGI mechanisms: two parsers that disagree on where a header name or a message body ends can be made to see different requests in the same byte stream, which may result in request smuggling, response splitting and cache pollution.
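The mechanism behind that description, as an added example (not code from the Apache project, from httpd's parser, or from this advisory): three simplified HTTP/1.1 parsers read the same constructed byte stream and disagree on how many requests it contains. The "lenient" mode stands in for a server that strips whitespace around a field name before matching it, so `Content-Length : N` frames the body; the "distinct" mode is an assumed peer that keeps the whitespace, so `Content-Length ` is an unknown header and the body is taken to be empty; the "strict" mode applies the RFC 7230 grammar and rejects the message. The mode names, the function names and the request bytes are all constructed for illustration.

```python
"""Added illustration for CVE-2016-8743, not code from httpd or this advisory.

Three toy HTTP/1.1 parsers read the same bytes and disagree on how many
requests they contain.  That disagreement is the raw material of request
smuggling when a lenient front end and a different back end share a connection.
"""
import re
from typing import Dict, List, Optional

# RFC 7230 field-name grammar: a token, immediately followed by ':'.
TOKEN = r"[!#$%&'*+.^_`|~0-9A-Za-z-]+"
STRICT_HEADER = re.compile(rf"^({TOKEN}):[ \t]*(.*?)[ \t]*$")
STRICT_REQUEST_LINE = re.compile(rf"^{TOKEN} \S+ HTTP/1\.[01]$")


class BadRequest(Exception):
    """Raised where a real server would answer 400 and close the connection."""


def parse_stream(raw: bytes, mode: str) -> List[Dict]:
    """Split one raw byte stream into the HTTP/1.1 requests a parser sees.

    mode == "lenient":  whitespace around the field name is stripped before the
                        name is matched, so "Content-Length : N" frames the body.
    mode == "distinct": the field name keeps its trailing whitespace, so
                        "Content-Length " is an unknown header and the body is
                        taken to be empty (assumed peer behaviour, for contrast).
    mode == "strict":   RFC 7230 grammar; whitespace before ':' is a BadRequest.
    Only Content-Length framing is modelled; chunked encoding is out of scope.
    """
    if mode not in ("lenient", "distinct", "strict"):
        raise ValueError(f"unknown mode {mode!r}")
    requests: List[Dict] = []
    pos = 0
    while pos < len(raw):
        end = raw.find(b"\r\n\r\n", pos)
        if end < 0:
            raise BadRequest("header block never terminated")
        lines = raw[pos:end].decode("latin-1").split("\r\n")
        request_line = lines[0]
        if mode == "strict" and not STRICT_REQUEST_LINE.match(request_line):
            raise BadRequest(f"malformed request line {request_line!r}")
        headers: Dict[str, str] = {}
        for line in lines[1:]:
            if mode == "strict":
                m = STRICT_HEADER.match(line)
                if not m:
                    raise BadRequest(f"malformed header line {line!r}")
                name, value = m.group(1), m.group(2)
            else:
                name, sep, value = line.partition(":")
                if not sep:
                    raise BadRequest(f"no ':' in header line {line!r}")
                if mode == "lenient":
                    name = name.strip()
            headers[name.lower()] = value.strip()
        length = int(headers.get("content-length", "0"))
        body_start = end + 4
        body = raw[body_start:body_start + length]
        if len(body) != length:
            raise BadRequest("body shorter than Content-Length")
        requests.append({"line": request_line, "headers": headers, "body": body})
        pos = body_start + length
    return requests


def count_requests(raw: bytes, mode: str) -> Optional[int]:
    """Number of requests `mode` sees in `raw`, or None if it rejects the stream."""
    try:
        return len(parse_stream(raw, mode))
    except BadRequest:
        return None


# Constructed attacker input: one POST whose Content-Length header carries a
# space before the colon, followed by a second request hidden in its "body".
HIDDEN = b"GET /admin HTTP/1.1\r\nHost: x\r\n\r\n"
SMUGGLE = (
    b"POST /upload HTTP/1.1\r\n"
    b"Host: front.example\r\n"
    + b"Content-Length : %d\r\n" % len(HIDDEN)
    + b"\r\n"
    + HIDDEN
)

if __name__ == "__main__":
    for mode in ("lenient", "distinct", "strict"):
        n = count_requests(SMUGGLE, mode)
        label = "rejects with 400" if n is None else f"sees {n} request(s)"
        print(f"{mode:8s}: {label}")
```

The front end running the lenient parser forwards one POST; a back end running the distinct parser sees two requests, the second of which never passed the edge's access checks. In 2.2.32 and 2.4.25 and later the strict behaviour corresponds to the default of the `HttpProtocolOptions` directive (`Strict`); `HttpProtocolOptions Unsafe` restores the old tolerance and should only be enabled for a known-broken legacy client, and then only behind something that already enforces the grammar.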

References

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743

https://security.gentoo.org/glsa/201701-36

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us

http://www.securitytracker.com/id/1037508

http://www.securityfocus.com/bid/95077

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us

https://www.tenable.com/security/tns-2017-04

http://www.debian.org/security/2017/dsa-3796

https://support.apple.com/HT208221

https://access.redhat.com/errata/RHSA-2017:1721

https://access.redhat.com/errata/RHSA-2017:1414

https://access.redhat.com/errata/RHSA-2017:1413

https://access.redhat.com/errata/RHSA-2017:1161

https://access.redhat.com/errata/RHSA-2017:0906

http://rhn.redhat.com/errata/RHSA-2017-1415.html

https://security.netapp.com/advisory/ntap-20180423-0001/

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2017-07-27

Updated: 2021-06-06

Type: CWE-19

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

52 plugins in total:

ID | Name | Product | Family | Severity
144777 | IBM HTTP Server 7.0.0.0 < 7.0.0.43 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.3 Response Splitting (289001) | Nessus | Web Servers | high
127360 | NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118) | Nessus | NewStart CGSL Local Security Checks | critical
124922 | EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419) | Nessus | Huawei Local Security Checks | critical
700511 | macOS < 10.13 Multiple Vulnerabilities | Nessus Network Monitor | Operating System Detection | critical
98910 | Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) | Web Application Scanning | Component Vulnerability | high
119218 | Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-1721) | Nessus | Virtuozzo Local Security Checks | high
118291 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-2) | Nessus | SuSE Local Security Checks | high
117789 | openSUSE Security Update : apache2 (openSUSE-2018-1046) | Nessus | SuSE Local Security Checks | high
117695 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2815-1) | Nessus | SuSE Local Security Checks | high
117316 | RHEL 6 : JBoss Core Services (RHSA-2017:1414) | Nessus | Red Hat Local Security Checks | high
117315 | RHEL 7 : JBoss Core Services (RHSA-2017:1413) | Nessus | Red Hat Local Security Checks | high
112199 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:2554-1) | Nessus | SuSE Local Security Checks | high
110056 | F5 Networks BIG-IP : Apache vulnerability (K00373024) | Nessus | F5 Networks Local Security Checks | high
108520 | Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838) | Nessus | Junos Local Security Checks | critical
104379 | macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004) | Nessus | MacOS X Local Security Checks | critical
103598 | macOS < 10.13 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical
103530 | HP System Management Homepage < 7.6.1 Multiple Vulnerabilities (HPSBMU03753) | Nessus | Web Servers | medium
102178 | Amazon Linux AMI : httpd24 (ALAS-2017-863) | Nessus | Amazon Linux Local Security Checks | critical
101488 | CentOS 6 : httpd (CESA-2017:1721) | Nessus | CentOS Local Security Checks | high
101445 | Virtuozzo 7 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-0906) | Nessus | Virtuozzo Local Security Checks | high
101387 | Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170711) | Nessus | Scientific Linux Local Security Checks | high
101385 | RHEL 6 : httpd (RHSA-2017:1721) | Nessus | Red Hat Local Security Checks | high
101382 | Oracle Linux 6 : httpd (ELSA-2017-1721) | Nessus | Oracle Linux Local Security Checks | high
101044 | Tenable SecurityCenter Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) | Nessus | Misc. | high
101004 | Amazon Linux AMI : httpd (ALAS-2017-851) | Nessus | Amazon Linux Local Security Checks | high
100098 | Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : apache2 vulnerabilities (USN-3279-1) | Nessus | Ubuntu Local Security Checks | high
99952 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1086) | Nessus | Huawei Local Security Checks | high
99951 | EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1085) | Nessus | Huawei Local Security Checks | high
99930 | Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | critical
99379 | CentOS 7 : httpd (CESA-2017:0906) | Nessus | CentOS Local Security Checks | high
99350 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20170412) | Nessus | Scientific Linux Local Security Checks | high
99340 | RHEL 7 : httpd (RHSA-2017:0906) | Nessus | Red Hat Local Security Checks | high
99329 | Oracle Linux 7 : httpd (ELSA-2017-0906) | Nessus | Oracle Linux Local Security Checks | high
99155 | openSUSE Security Update : apache2 (openSUSE-2017-417) | Nessus | SuSE Local Security Checks | high
99154 | openSUSE Security Update : apache2 (openSUSE-2017-416) | Nessus | SuSE Local Security Checks | high
99134 | macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy) | Nessus | MacOS X Local Security Checks | critical
97916 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0801-1) | Nessus | SuSE Local Security Checks | high
97912 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0797-1) | Nessus | SuSE Local Security Checks | high
97831 | SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:0729-1) | Nessus | SuSE Local Security Checks | high
97726 | Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) | Nessus | Misc. | medium
97438 | Debian DLA-841-2 : apache2 regression update | Nessus | Debian Local Security Checks | high
97400 | Debian DSA-3796-1 : apache2 - security update | Nessus | Debian Local Security Checks | high
9908 | Apache HTTP Server 2.4.x < 2.4.25 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | medium
96631 | Amazon Linux AMI : httpd24 (ALAS-2017-785) | Nessus | Amazon Linux Local Security Checks | high
96516 | GLSA-201701-36 : Apache: Multiple vulnerabilities (httpoxy) | Nessus | Gentoo Local Security Checks | high
96451 | Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy) | Nessus | Web Servers | high
96450 | Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy) | Nessus | Web Servers | high
96114 | Fedora 24 : httpd (2016-d22f50d985) | Nessus | Fedora Local Security Checks | high
96111 | Fedora 25 : httpd (2016-8d9b62c784) | Nessus | Fedora Local Security Checks | high
96090 | Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2016-358-01) (httpoxy) | Nessus | Slackware Local Security Checks | high
96037 | FreeBSD : Apache httpd -- several vulnerabilities (862d6ab3-c75e-11e6-9f98-20cf30e32f6d) (httpoxy) | Nessus | FreeBSD Local Security Checks | high
9486 | Apache HTTP Server 2.2.x < 2.2.32 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | medium