CVE-2018-17189

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.

References

https://httpd.apache.org/security/vulnerabilities_24.html

https://security.netapp.com/advisory/ntap-20190125-0001/

http://www.securityfocus.com/bid/106685

https://lists.fedoraproject.org/archives/list/[email protected]/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/

https://lists.fedoraproject.org/archives/list/[email protected]/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/

https://security.gentoo.org/glsa/201903-21

https://seclists.org/bugtraq/2019/Apr/5

https://usn.ubuntu.com/3937-1/

https://www.debian.org/security/2019/dsa-4422

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://access.redhat.com/errata/RHSA-2019:3932

https://access.redhat.com/errata/RHSA-2019:4126

https://www.tenable.com/security/tns-2019-09

https://www.oracle.com/security-alerts/cpujan2020.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2019-01-30

Updated: 2021-07-06

Type: CWE-400

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
145821CentOS 8 : httpd:2.4 (CESA-2020:4751)NessusCentOS Local Security Checks
critical
142762Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)NessusOracle Linux Local Security Checks
critical
142397RHEL 8 : httpd:2.4 (RHSA-2020:4751)NessusRed Hat Local Security Checks
critical
131476EulerOS Virtualization for ARM 64 3.0.3.0 : httpd (EulerOS-SA-2019-2311)NessusHuawei Local Security Checks
high
131216RHEL 7 : JBoss Core Services (RHSA-2019:3933) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop)NessusRed Hat Local Security Checks
high
131215RHEL 6 : JBoss Core Services (RHSA-2019:3932) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop)NessusRed Hat Local Security Checks
high
128204EulerOS 2.0 SP8 : httpd (EulerOS-SA-2019-1835)NessusHuawei Local Security Checks
high
124870Photon OS 1.0: Httpd PHSA-2019-1.0-0230NessusPhotonOS Local Security Checks
high
124680Photon OS 2.0: Httpd PHSA-2019-2.0-0157NessusPhotonOS Local Security Checks
high
124506Fedora 30 : mod_http2 (2019-75b4a34d4f)NessusFedora Local Security Checks
medium
124303Amazon Linux 2 : mod_http2 (ALAS-2019-1197)NessusAmazon Linux Local Security Checks
medium
98537Apache 2.4.x < 2.4.38 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
123787Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : apache2 vulnerabilities (USN-3937-1)NessusUbuntu Local Security Checks
high
123691Debian DSA-4422-1 : apache2 - security updateNessusDebian Local Security Checks
high
123427GLSA-201903-21 : Apache: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
123036Fedora 28 : mod_http2 (2019-133a8a7cb5)NessusFedora Local Security Checks
medium
122978Fedora 29 : mod_http2 (2019-0300c36537)NessusFedora Local Security Checks
medium
122758Amazon Linux AMI : httpd24 (ALAS-2019-1166)NessusAmazon Linux Local Security Checks
high
122741openSUSE Security Update : apache2 (openSUSE-2019-305)NessusSuSE Local Security Checks
high
122661openSUSE Security Update : apache2 (openSUSE-2019-296)NessusSuSE Local Security Checks
high
122477SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:0504-1)NessusSuSE Local Security Checks
high
122475SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0498-1)NessusSuSE Local Security Checks
high
121355Apache 2.4.x < 2.4.38 Multiple VulnerabilitiesNessusWeb Servers
high
121336FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5)NessusFreeBSD Local Security Checks
high
121327Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2019-022-01)NessusSlackware Local Security Checks
high