CVE-2019-10098

MEDIUM

Description

In Apache HTTP Server 2.4.0 through 2.4.39, redirects configured with mod_rewrite that were intended to be self-referential could be fooled by encoded newlines in the request URL and redirect instead to an unexpected URL taken from the request URL, an open redirect. The fix shipped in 2.4.41 (2.4.40 was never released), which is why the scanner checks below test for versions below 2.4.41.

References

https://httpd.apache.org/security/vulnerabilities_24.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

http://www.openwall.com/lists/oss-security/2020/04/01/4

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.oracle.com/security-alerts/cpuapr2020.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.oracle.com/security-alerts/cpuApr2021.html

Details

Source: MITRE

Published: 2019-09-25

Updated: 2021-06-14

Type: CWE-601 (URL Redirection to Untrusted Site, "Open Redirect")

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from 2.4.0 to 2.4.39 (inclusive)
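An added triage example, not Tenable's plugin logic or Apache code: it pulls the version out of an Apache Server banner or an httpd -v line and tests it against the range above (2.4.0 to 2.4.39 inclusive, fixed in 2.4.41). The sample banners are constructed. A bare version check cannot see distribution backports (the RHEL 7 and CentOS 7 advisories listed below patch an httpd that still reports 2.4.6), so "vulnerable" here means "confirm against the installed package", which is what the distribution-specific plugins do.

```python
"""Banner-based version triage for CVE-2019-10098.

Added example, not Tenable or Apache code. Checks an Apache version
string against the vulnerable range from this page's CPE entry.
"""
import re

VULN_LOW = (2, 4, 0)
VULN_HIGH = (2, 4, 39)   # inclusive, per the CPE entry
FIXED = (2, 4, 41)       # first release with the fix

# Matches 'Server: Apache/2.4.29 (Ubuntu)' and 'Server version: Apache/2.4.39 (Unix)'.
_VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")


def parse_apache_version(banner: str):
    """Return (major, minor, patch), or None when the banner hides the
    version (ServerTokens Prod yields just 'Server: Apache')."""
    m = _VERSION_RE.search(banner)
    return tuple(int(x) for x in m.groups()) if m else None


def classify(banner: str) -> str:
    """Classify one banner against the CVE-2019-10098 range.

    'vulnerable'    : version is in 2.4.0..2.4.39 (subject to backports)
    'fixed'         : a 2.4.x version at or above the fixed release
    'outside-range' : not a 2.4.x build, so not covered by this CPE entry
    'unknown'       : no version visible; needs a package-level check
    """
    v = parse_apache_version(banner)
    if v is None:
        return "unknown"
    if VULN_LOW <= v <= VULN_HIGH:
        return "vulnerable"
    if v[:2] == (2, 4) and v >= FIXED:
        return "fixed"
    if v[:2] == (2, 4):
        return "vulnerable"      # 2.4.40 was never released; treat defensively
    return "outside-range"


# Constructed sample banners (not captured from any real host).
SAMPLE_BANNERS = {
    "web-1": "Server: Apache/2.4.29 (Ubuntu)",
    "web-2": "Server: Apache/2.4.41 (Unix)",
    "web-3": "Server: Apache",                        # ServerTokens Prod
    "web-4": "Server version: Apache/2.4.6 (CentOS)",  # backport candidate
    "web-5": "Server: Apache/2.2.34 (Unix)",
}


def triage(banners: dict) -> dict:
    """Map host -> classification for a batch of banners."""
    return {host: classify(b) for host, b in banners.items()}


if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_BANNERS).items():
        print(f"{host:6} {verdict:14} {SAMPLE_BANNERS[host]}")
```

web-4 is the case to watch: the banner says 2.4.6, which falls inside the range, but an enterprise distribution may have backported the fix without bumping the version, so the verdict must be confirmed against the package database rather than the banner.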

Tenable Plugins

34 plugins in total. Severity is the plugin's own rating for everything its advisory covers (most of these advisories bundle several httpd vulnerabilities), so it can exceed this CVE's MEDIUM.

ID     | Name                                                                                                                      | Product                  | Family                               | Severity
-------|---------------------------------------------------------------------------------------------------------------------------|--------------------------|--------------------------------------|---------
147353 | NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2021-0036)                                   | Nessus                   | NewStart CGSL Local Security Checks  | high
145821 | CentOS 8 : httpd:2.4 (CESA-2020:4751)                                                                                     | Nessus                   | CentOS Local Security Checks         | critical
144775 | IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 Multiple Vulnerabilities (964768) | Nessus       | Web Servers                          | medium
142762 | Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)                                                                               | Nessus                   | Oracle Linux Local Security Checks   | critical
142397 | RHEL 8 : httpd:2.4 (RHSA-2020:4751)                                                                                       | Nessus                   | Red Hat Local Security Checks        | critical
141711 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20201001)                                                       | Nessus                   | Scientific Linux Local Security Checks | high
141584 | CentOS 7 : httpd (CESA-2020:3958)                                                                                         | Nessus                   | CentOS Local Security Checks         | high
141040 | RHEL 7 : httpd (RHSA-2020:3958)                                                                                           | Nessus                   | Red Hat Local Security Checks        | high
140870 | EulerOS 2.0 SP3 : httpd (EulerOS-SA-2020-2103)                                                                            | Nessus                   | Huawei Local Security Checks         | medium
137492 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2020-1650)                                                                            | Nessus                   | Huawei Local Security Checks         | medium
136255 | EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)                                                  | Nessus                   | Huawei Local Security Checks         | medium
135617 | EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2020-1455)                                                             | Nessus                   | Huawei Local Security Checks         | medium
135235 | RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP2 (RHSA-2020:1337)                                   | Nessus                   | Red Hat Local Security Checks        | critical
135160 | Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2020-091-02) (Internal Data Buffering)                                | Nessus                   | Slackware Local Security Checks      | critical
135157 | EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1370)                                                  | Nessus                   | Huawei Local Security Checks         | medium
134781 | EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1289)                                                                            | Nessus                   | Huawei Local Security Checks         | medium
133042 | Oracle Secure Global Desktop Multiple Vulnerabilities (January 2020 CPU)                                                  | Nessus                   | Misc.                                | medium
132358 | EulerOS 2.0 SP5 : httpd (EulerOS-SA-2019-2691)                                                                            | Nessus                   | Huawei Local Security Checks         | medium
130400 | Amazon Linux 2 : httpd (ALAS-2019-1341)                                                                                   | Nessus                   | Amazon Linux Local Security Checks   | high
130281 | Amazon Linux AMI : httpd24 (ALAS-2019-1311) (Internal Data Buffering)                                                     | Nessus                   | Amazon Linux Local Security Checks   | critical
130109 | Photon OS 1.0: Httpd PHSA-2019-1.0-0253                                                                                   | Nessus                   | PhotonOS Local Security Checks       | critical
130101 | Photon OS 3.0: Httpd PHSA-2019-3.0-0035                                                                                   | Nessus                   | PhotonOS Local Security Checks       | critical
129688 | Photon OS 2.0: Httpd PHSA-2019-2.0-0178                                                                                   | Nessus                   | PhotonOS Local Security Checks       | critical
128993 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Apache HTTP Server regression (USN-4113-2) (Internal Data Buffering)               | Nessus                   | Ubuntu Local Security Checks         | critical
128612 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:2329-1) (Internal Data Buffering)                                     | Nessus                   | SuSE Local Security Checks           | critical
128593 | GLSA-201909-04 : Apache: Multiple vulnerabilities (Internal Data Buffering)                                               | Nessus                   | Gentoo Local Security Checks         | critical
128460 | openSUSE Security Update : apache2 (openSUSE-2019-2051) (Internal Data Buffering)                                         | Nessus                   | SuSE Local Security Checks           | critical
128412 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Apache HTTP Server vulnerabilities (USN-4113-1) (Internal Data Buffering)          | Nessus                   | Ubuntu Local Security Checks         | critical
128316 | SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:2237-1) (Internal Data Buffering)                            | Nessus                   | SuSE Local Security Checks           | critical
128182 | Debian DSA-4509-1 : apache2 - security update (Internal Data Buffering)                                                   | Nessus                   | Debian Local Security Checks         | critical
128084 | Fedora 30 : 1:mod_md / httpd (2019-099575a123)                                                                            | Nessus                   | Fedora Local Security Checks         | high
98669  | Apache 2.4.x < 2.4.41 Multiple Vulnerabilities                                                                            | Web Application Scanning | Component Vulnerability              | critical
128033 | Apache 2.4.x < 2.4.41 Multiple Vulnerabilities                                                                            | Nessus                   | Web Servers                          | critical
127951 | FreeBSD : Apache -- Multiple vulnerabilities (caf545f2-c0d9-11e9-9051-4c72b94353b5) (Internal Data Buffering)             | Nessus                   | FreeBSD Local Security Checks        | critical