CVE-2018-17199

Severity: high

Description

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes the session expiry time to be ignored for mod_session_cookie sessions, since the expiry time is loaded when the session is decoded.
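The ordering bug the description names, as an added Python model that is not httpd's code: the cookie wire format, the field names and the helper functions are constructed for illustration, and the only point modelled is that a cookie-backed session's expiry is unknown until the cookie has been decoded.

```python
"""Model of the CVE-2018-17199 check-before-decode ordering (added example,
not httpd code). A mod_session_cookie session arrives as an opaque cookie; the
expiry timestamp only becomes known once the cookie is decoded, so checking
expiry before decoding compares against an unset value and never rejects."""
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlencode


@dataclass
class Session:
    entries: dict = field(default_factory=dict)
    expiry: int = 0  # seconds since epoch; 0 means "not loaded / no expiry"


def encode_cookie(entries, expiry):
    # Constructed wire format for the model: form-encoded pairs plus expiry.
    return urlencode({**entries, "expiry": str(expiry)})


def decode_cookie(session, cookie):
    # Decoding is what populates session.expiry from the cookie contents.
    pairs = dict(parse_qsl(cookie))
    session.expiry = int(pairs.pop("expiry", "0"))
    session.entries = pairs


def is_expired(session, now):
    return session.expiry != 0 and now >= session.expiry


def load_vulnerable(cookie, now):
    """Expiry is checked while session.expiry is still 0, so an expired
    cookie-backed session is accepted regardless of 'now'."""
    session = Session()
    if is_expired(session, now):
        return None
    decode_cookie(session, cookie)
    return session


def load_fixed(cookie, now):
    """Decode first so the expiry check sees the value carried in the cookie."""
    session = Session()
    decode_cookie(session, cookie)
    if is_expired(session, now):
        return None
    return session
```

Running `load_vulnerable` and `load_fixed` on the same cookie with a clock past its expiry shows the first returning a live session and the second rejecting it.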

References

https://httpd.apache.org/security/vulnerabilities_24.html

https://security.netapp.com/advisory/ntap-20190125-0001/

https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html

http://www.securityfocus.com/bid/106742

https://security.gentoo.org/glsa/201903-21

https://seclists.org/bugtraq/2019/Apr/5

https://usn.ubuntu.com/3937-1/

https://www.debian.org/security/2019/dsa-4422

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://access.redhat.com/errata/RHSA-2019:3932

https://access.redhat.com/errata/RHSA-2019:4126

https://www.tenable.com/security/tns-2019-09

Details

Source: MITRE

Published: 2019-01-30

Updated: 2021-06-06

Type: CWE-384

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

35 plugins in total:

ID | Name | Product | Family | Severity
149913 | Oracle Linux 8 : httpd:2.4 (ELSA-2021-1809) | Nessus | Oracle Linux Local Security Checks | critical
149737 | CentOS 8 : httpd:2.4 (CESA-2021:1809) | Nessus | CentOS Local Security Checks | critical
149696 | RHEL 8 : httpd:2.4 (RHSA-2021:1809) | Nessus | Red Hat Local Security Checks | critical
144073 | IBM HTTP Server 9.0.0.0 < 9.0.0.11 Security Bypass (869064) | Nessus | Web Servers | high
143994 | NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2020-0110) | Nessus | NewStart CGSL Local Security Checks | high
143931 | NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2020-0066) | Nessus | NewStart CGSL Local Security Checks | high
135812 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20200407) | Nessus | Scientific Linux Local Security Checks | high
135341 | CentOS 7 : httpd (CESA-2020:1121) | Nessus | CentOS Local Security Checks | high
135146 | EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1359) | Nessus | Huawei Local Security Checks | critical
135072 | RHEL 7 : httpd (RHSA-2020:1121) | Nessus | Red Hat Local Security Checks | high
133989 | EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1155) | Nessus | Huawei Local Security Checks | critical
131216 | RHEL 7 : JBoss Core Services (RHSA-2019:3933) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop) | Nessus | Red Hat Local Security Checks | high
131215 | RHEL 6 : JBoss Core Services (RHSA-2019:3932) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop) | Nessus | Red Hat Local Security Checks | high
124892 | EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389) | Nessus | Huawei Local Security Checks | critical
124870 | Photon OS 1.0: Httpd PHSA-2019-1.0-0230 | Nessus | PhotonOS Local Security Checks | high
124680 | Photon OS 2.0: Httpd PHSA-2019-2.0-0157 | Nessus | PhotonOS Local Security Checks | high
124390 | EulerOS 2.0 SP3 : httpd (EulerOS-SA-2019-1294) | Nessus | Huawei Local Security Checks | high
98537 | Apache 2.4.x < 2.4.38 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | high
123823 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0889-1) | Nessus | SuSE Local Security Checks | high
123822 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0888-1) | Nessus | SuSE Local Security Checks | high
123787 | Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : apache2 vulnerabilities (USN-3937-1) | Nessus | Ubuntu Local Security Checks | high
123739 | EulerOS Virtualization 2.5.3 : httpd (EulerOS-SA-2019-1271) | Nessus | Huawei Local Security Checks | high
123691 | Debian DSA-4422-1 : apache2 - security update | Nessus | Debian Local Security Checks | high
123611 | EulerOS 2.0 SP5 : httpd (EulerOS-SA-2019-1137) | Nessus | Huawei Local Security Checks | high
123587 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2019-1113) | Nessus | Huawei Local Security Checks | high
123427 | GLSA-201903-21 : Apache: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical
122758 | Amazon Linux AMI : httpd24 (ALAS-2019-1166) | Nessus | Amazon Linux Local Security Checks | high
122741 | openSUSE Security Update : apache2 (openSUSE-2019-305) | Nessus | SuSE Local Security Checks | high
122661 | openSUSE Security Update : apache2 (openSUSE-2019-296) | Nessus | SuSE Local Security Checks | high
122477 | SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:0504-1) | Nessus | SuSE Local Security Checks | high
122475 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0498-1) | Nessus | SuSE Local Security Checks | high
121437 | Debian DLA-1647-1 : apache2 security update | Nessus | Debian Local Security Checks | high
121355 | Apache 2.4.x < 2.4.38 Multiple Vulnerabilities | Nessus | Web Servers | high
121336 | FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5) | Nessus | FreeBSD Local Security Checks | high
121327 | Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2019-022-01) | Nessus | Slackware Local Security Checks | high