CVE-2018-11763

medium

Description

In Apache HTTP Server 2.4.17 to 2.4.34, a client that sends continuous, large SETTINGS frames can occupy a connection, a server thread and CPU time without any connection timeout taking effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.

References

https://httpd.apache.org/security/vulnerabilities_24.html

http://www.securitytracker.com/id/1041713

http://www.securityfocus.com/bid/105414

https://usn.ubuntu.com/3783-1/

https://access.redhat.com/errata/RHSA-2018:3558

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://security.netapp.com/advisory/ntap-20190204-0004/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us

https://access.redhat.com/errata/RHSA-2019:0367

https://access.redhat.com/errata/RHSA-2019:0366

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.tenable.com/security/tns-2019-09

Details

Source: MITRE

Published: 2018-09-25

Updated: 2021-06-06

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins


ID | Name | Product | Family | Severity
131476 | EulerOS Virtualization for ARM 64 3.0.3.0 : httpd (EulerOS-SA-2019-2311) | Nessus | Huawei Local Security Checks | high
127734 | openSUSE Security Update : virtualbox (openSUSE-2019-1814) | Nessus | SuSE Local Security Checks | critical
125844 | openSUSE Security Update : virtualbox (openSUSE-2019-1547) | Nessus | SuSE Local Security Checks | high
125147 | Oracle Enterprise Manager Ops Center (Apr 2019 CPU) | Nessus | Misc. | critical
124170 | Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU) | Nessus | CGI abuses | critical
124169 | Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU) | Nessus | CGI abuses | critical
123337 | openSUSE Security Update : apache2 (openSUSE-2019-791) | Nessus | SuSE Local Security Checks | medium
122292 | RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 (RHSA-2019:0367) | Nessus | Red Hat Local Security Checks | critical
122016 | Photon OS 1.0: Httpd PHSA-2019-1.0-0203 | Nessus | PhotonOS Local Security Checks | critical
121601 | Oracle Secure Global Desktop Multiple Vulnerabilities (January 2019 CPU) | Nessus | Misc. | medium
98916 | Apache 2.4.x < 2.4.35 Denial of Service | Web Application Scanning | Component Vulnerability | medium
121411 | openSUSE Security Update : virtualbox (openSUSE-2019-84) | Nessus | SuSE Local Security Checks | high
121368 | Amazon Linux 2 : httpd (ALAS-2019-1155) | Nessus | Amazon Linux Local Security Checks | medium
120654 | Fedora 29 : mod_http2 (2018-9cdbb641f9) | Nessus | Fedora Local Security Checks | medium
120519 | Fedora 28 : mod_http2 (2018-6ffb18592f) | Nessus | Fedora Local Security Checks | medium
120127 | SUSE SLES15 Security Update : apache2 (SUSE-SU-2018:3101-1) | Nessus | SuSE Local Security Checks | medium
119687 | Amazon Linux AMI : httpd24 (ALAS-2018-1104) | Nessus | Amazon Linux Local Security Checks | medium
119449 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-2) | Nessus | SuSE Local Security Checks | medium
118875 | openSUSE Security Update : apache2 (openSUSE-2018-1378) | Nessus | SuSE Local Security Checks | medium
118835 | Amazon Linux 2 : mod_http2 (ALAS-2018-1104) | Nessus | Amazon Linux Local Security Checks | medium
118566 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2018:3582-1) | Nessus | SuSE Local Security Checks | medium
118242 | Fedora 27 : mod_http2 (2018-bb9d24c82d) | Nessus | Fedora Local Security Checks | medium
118170 | openSUSE Security Update : apache2 (openSUSE-2018-1178) | Nessus | SuSE Local Security Checks | medium
117916 | Ubuntu 18.04 LTS : apache2 vulnerabilities (USN-3783-1) | Nessus | Ubuntu Local Security Checks | high
117807 | Apache 2.4.x < 2.4.35 DoS | Nessus | Web Servers | medium
117724 | FreeBSD : Apache -- Denial of service vulnerability in HTTP/2 (e182c076-c189-11e8-a6d2-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | medium