CVE-2017-3167

critical

Description

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. The legacy function does more than read the password: it also sets r->user (and r->ap_auth_type) from the client-supplied, still unverified Authorization header, and the rest of the server treats a populated r->user as an authenticated identity. The fixed releases added ap_get_basic_auth_components(), which parses the header without side effects; module authors should use it. A module that still calls ap_get_basic_auth_pw() must do so only in the authentication phase and must then either verify the credentials immediately or fail the request immediately. Note that 2.2.33 was never published as a release; the first 2.2.x release that contains the fix is 2.2.34.
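As an added illustration (not code from httpd or from any advisory referenced on this page), the following self-contained C program models why the legacy call is unsafe outside the authentication phase. It mirrors the real function signatures, but everything in it is a simplified stand-in: the request_rec, the "Basic" header parsing, the constructed credential alice:s3cret, and the pipeline model (an early hook, then a userless "Require valid-user" check that skips the check_user_id phase when r->user is already set) are assumptions of this example, not httpd's own code.

```c
/* Model of CVE-2017-3167: added example, simplified, NOT httpd source. */
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define OK 0
#define DECLINED (-1)
#define HTTP_OK 200
#define HTTP_UNAUTHORIZED 401

/* Minimal stand-in for httpd's request_rec: only the fields the bug touches. */
typedef struct request_rec {
    const char *authorization; /* client-supplied Authorization header, or NULL */
    const char *user;          /* r->user: authorization trusts it once non-NULL */
    const char *ap_auth_type;
    char scratch[256];         /* stands in for r->pool storage of the decoded header */
} request_rec;

/* Decode base64 into out (NUL-terminated). 0 on success, -1 on bad input. */
static int b64_decode(const char *in, char *out, size_t outlen) {
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned acc = 0; int bits = 0; size_t o = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(tbl, *in);
        if (!p) return -1;
        acc = ((acc << 6) | (unsigned)(p - tbl)) & 0xFFF;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (o + 1 >= outlen) return -1;
            out[o++] = (char)((acc >> bits) & 0xFF);
        }
    }
    out[o] = '\0';
    return 0;
}

/* Parse "Basic <base64>" into user/password stored in buf. 0 on success. */
static int parse_basic(const char *hdr, char *buf, size_t buflen,
                       const char **user, const char **pw) {
    char *colon;
    if (!hdr || strncasecmp(hdr, "Basic ", 6) != 0) return -1;
    for (hdr += 6; *hdr == ' ' || *hdr == '\t'; hdr++) ;
    if (b64_decode(hdr, buf, buflen) != 0) return -1;
    if (!(colon = strchr(buf, ':'))) return -1;
    *colon = '\0';
    *user = buf;
    *pw = colon + 1;
    return 0;
}

/* Models the pre-2.2.33/2.4.26 ap_get_basic_auth_pw(): besides returning the
 * password it SETS r->user and r->ap_auth_type from the unverified header. */
static int ap_get_basic_auth_pw(request_rec *r, const char **pw) {
    const char *user;
    if (parse_basic(r->authorization, r->scratch, sizeof r->scratch, &user, pw) != 0)
        return HTTP_UNAUTHORIZED;
    r->user = user;            /* side effect: attacker-chosen name, nothing verified yet */
    r->ap_auth_type = "Basic";
    return OK;
}

/* Models ap_get_basic_auth_components(): same parse, only out-parameters are
 * written, r->user is never touched. (The real one takes a const request_rec *;
 * this model needs the scratch buffer, so it is non-const here.) */
static int ap_get_basic_auth_components(request_rec *r, const char **user, const char **pw) {
    return parse_basic(r->authorization, r->scratch, sizeof r->scratch, user, pw);
}

/* A third-party module reading the username in an early hook (e.g. header_parser,
 * for logging) with the legacy call: the vulnerable pattern. */
static int vulnerable_header_parser(request_rec *r) {
    const char *pw;
    ap_get_basic_auth_pw(r, &pw);   /* on success r->user is now set, pw never checked */
    return DECLINED;
}

/* The same module after the fix: the side-effect-free call leaves r->user NULL. */
static int fixed_header_parser(request_rec *r) {
    const char *user, *pw;
    ap_get_basic_auth_components(r, &user, &pw);  /* use `user` for logging only */
    return DECLINED;
}

/* Models mod_auth_basic in check_user_id: the one place the legacy call is safe,
 * because the password is verified (or the request fails) immediately. */
static int check_user_id(request_rec *r) {
    const char *pw;
    if (ap_get_basic_auth_pw(r, &pw) != OK) return HTTP_UNAUTHORIZED;
    if (strcmp(r->user, "alice") == 0 && strcmp(pw, "s3cret") == 0) return OK; /* constructed store */
    r->user = NULL;
    return HTTP_UNAUTHORIZED;
}

/* Models "Require valid-user": granted as soon as r->user is non-NULL. */
static int require_valid_user(const request_rec *r) { return r->user != NULL; }

/* Models the 2.4 pipeline: early hooks, then a userless authorization pass
 * (access_checker_ex) that, when it grants, skips check_user_id entirely. */
static int process_request(request_rec *r, int (*header_parser)(request_rec *)) {
    header_parser(r);
    if (require_valid_user(r)) return HTTP_OK;   /* authz satisfied, authn never runs */
    if (check_user_id(r) != OK) return HTTP_UNAUTHORIZED;
    return require_valid_user(r) ? HTTP_OK : HTTP_UNAUTHORIZED;
}

/* Run one request through the pipeline with the vulnerable (0) or fixed (1) module. */
int simulate(const char *authorization, int fixed_module) {
    request_rec r = { authorization, NULL, NULL, {0} };
    return process_request(&r, fixed_module ? fixed_header_parser : vulnerable_header_parser);
}

int main(void) {
    /* constructed inputs: base64("alice:wrong") and base64("alice:s3cret") */
    const char *bad = "Basic YWxpY2U6d3Jvbmc=", *good = "Basic YWxpY2U6czNjcmV0";
    printf("vulnerable module, wrong password: %d\n", simulate(bad, 0));  /* 200: bypass */
    printf("fixed module, wrong password: %d\n", simulate(bad, 1));       /* 401 */
    printf("fixed module, right password: %d\n", simulate(good, 1));      /* 200 */
    return 0;
}
```

Build with `cc -o cve-2017-3167-model model.c && ./cve-2017-3167-model`. The first line printing 200 is the bypass: the early hook populated r->user, the userless authorization pass accepted it, and no password was ever compared. The practical audit for a deployment is to check every third-party module for ap_get_basic_auth_pw() calls outside check_user_id and replace them with ap_get_basic_auth_components().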

References

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

http://www.securityfocus.com/bid/99135

http://www.securitytracker.com/id/1038711

https://www.nomachine.com/SU08O00185

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

https://security.gentoo.org/glsa/201710-32

http://www.debian.org/security/2017/dsa-3896

https://support.apple.com/HT208221

https://access.redhat.com/errata/RHSA-2017:3195

https://access.redhat.com/errata/RHSA-2017:3194

https://access.redhat.com/errata/RHSA-2017:3193

https://access.redhat.com/errata/RHSA-2017:3477

https://access.redhat.com/errata/RHSA-2017:3476

https://access.redhat.com/errata/RHSA-2017:3475

https://access.redhat.com/errata/RHSA-2017:2483

https://access.redhat.com/errata/RHSA-2017:2479

https://access.redhat.com/errata/RHSA-2017:2478

https://security.netapp.com/advisory/ntap-20180601-0002/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2017-06-20

Updated: 2021-06-06

Type: CWE-287 (Improper Authentication)

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*

cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*

Tenable Plugins (49 total)

ID | Name | Product | Family | Severity
144778 | IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 Multiple Vulnerabilities (563615) | Nessus | Web Servers | critical
127360 | NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118) | Nessus | NewStart CGSL Local Security Checks | critical
124922 | EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419) | Nessus | Huawei Local Security Checks | critical
124892 | EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389) | Nessus | Huawei Local Security Checks | critical
700511 | macOS < 10.13 Multiple Vulnerabilities | Nessus Network Monitor | Operating System Detection | critical
121721 | Photon OS 1.0: Httpd PHSA-2017-0027 | Nessus | PhotonOS Local Security Checks | critical
98911 | Apache 2.4.x < 2.4.26 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical
119222 | Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-2478) | Nessus | Virtuozzo Local Security Checks | critical
111876 | Photon OS 1.0: Httpd PHSA-2017-0027 (deprecated) | Nessus | PhotonOS Local Security Checks | critical
108520 | Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838) | Nessus | Junos Local Security Checks | critical
105439 | F5 Networks BIG-IP : Apache HTTPD vulnerability (K34125394) | Nessus | F5 Networks Local Security Checks | critical
105369 | RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3477) (Optionsbleed) | Nessus | Red Hat Local Security Checks | critical
105368 | RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3476) (Optionsbleed) | Nessus | Red Hat Local Security Checks | critical
104541 | RHEL 6 : httpd (RHSA-2017:3195) (Optionsbleed) | Nessus | Red Hat Local Security Checks | critical
104540 | RHEL 7 : httpd (RHSA-2017:3194) (Optionsbleed) | Nessus | Red Hat Local Security Checks | critical
104539 | RHEL 7 : httpd (RHSA-2017:3193) (Optionsbleed) | Nessus | Red Hat Local Security Checks | critical
104379 | macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004) | Nessus | MacOS X Local Security Checks | critical
104270 | SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:2907-1) (Optionsbleed) | Nessus | SuSE Local Security Checks | critical
104233 | GLSA-201710-32 : Apache: Multiple vulnerabilities (Optionsbleed) | Nessus | Gentoo Local Security Checks | critical
103980 | Oracle Secure Global Desktop Web Services Component Remote Authentication Bypass (October 2017 CPU) | Nessus | Misc. | critical
103961 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:2756-1) (Optionsbleed) | Nessus | SuSE Local Security Checks | critical
103930 | Oracle VM VirtualBox 5.1.x < 5.1.30 (October 2017 CPU) | Nessus | Misc. | critical
103673 | FireEye Operating System Multiple Vulnerabilities (AX < 7.7.7 / EX < 8.0.1) | Nessus | Firewalls | critical
103598 | macOS < 10.13 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical
103226 | Amazon Linux AMI : httpd (ALAS-2017-892) | Nessus | Amazon Linux Local Security Checks | critical
103215 | SUSE SLES12 Security Update : Recommended update for apache2 (SUSE-SU-2017:2449-1) | Nessus | SuSE Local Security Checks | critical
103016 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1178) | Nessus | Huawei Local Security Checks | critical
103015 | EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1177) | Nessus | Huawei Local Security Checks | critical
102767 | CentOS 7 : httpd (CESA-2017:2479) | Nessus | CentOS Local Security Checks | critical
102668 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20170815) | Nessus | Scientific Linux Local Security Checks | critical
102535 | RHEL 6 : httpd (RHSA-2017:2478) | Nessus | Red Hat Local Security Checks | critical
102521 | Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170815) | Nessus | Scientific Linux Local Security Checks | critical
102519 | RHEL 7 : httpd (RHSA-2017:2479) | Nessus | Red Hat Local Security Checks | critical
102515 | Oracle Linux 7 : httpd (ELSA-2017-2479) | Nessus | Oracle Linux Local Security Checks | critical
102514 | Oracle Linux 6 : httpd (ELSA-2017-2478) | Nessus | Oracle Linux Local Security Checks | critical
102505 | CentOS 6 : httpd (CESA-2017:2478) | Nessus | CentOS Local Security Checks | critical
102178 | Amazon Linux AMI : httpd24 (ALAS-2017-863) | Nessus | Amazon Linux Local Security Checks | critical
101787 | Apache 2.2.x < 2.2.34 Multiple Vulnerabilities | Nessus | Web Servers | critical
101778 | Fedora 25 : httpd (2017-9ded7c5670) | Nessus | Fedora Local Security Checks | critical
101670 | Fedora 26 : httpd (2017-81976b6a91) | Nessus | Fedora Local Security Checks | critical
101511 | Fedora 24 : httpd (2017-cf9599a306) | Nessus | Fedora Local Security Checks | critical
101283 | openSUSE Security Update : apache2 (openSUSE-2017-786) | Nessus | SuSE Local Security Checks | critical
101175 | Debian DLA-1009-1 : apache2 security update | Nessus | Debian Local Security Checks | critical
101117 | Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : httpd (SSA:2017-180-03) | Nessus | Slackware Local Security Checks | critical
101109 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:1714-1) | Nessus | SuSE Local Security Checks | critical
101062 | Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : apache2 vulnerabilities (USN-3340-1) | Nessus | Ubuntu Local Security Checks | critical
101013 | Debian DSA-3896-1 : apache2 - security update | Nessus | Debian Local Security Checks | critical
100995 | Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities | Nessus | Web Servers | critical
100881 | FreeBSD : Apache httpd -- several vulnerabilities (0c2db2aa-5584-11e7-9a7d-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | critical