CVE-2019-17567

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.

References

http://httpd.apache.org/security/vulnerabilities_24.html

https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

http://www.openwall.com/lists/oss-security/2021/06/10/2

https://security.netapp.com/advisory/ntap-20210702-0001/

https://security.gentoo.org/glsa/202107-38

https://lists.fedoraproject.org/archives/list/[email protected]/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-06-10

Updated: 2021-10-20

Type: CWE-444

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from 2.4.6 to 2.4.46 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
153184Photon OS 3.0: Httpd PHSA-2021-3.0-0257NessusPhotonOS Local Security Checks
high
151522Amazon Linux AMI : httpd24 (ALAS-2021-1514)NessusAmazon Linux Local Security Checks
critical
151436Photon OS 1.0: Httpd PHSA-2021-1.0-0409NessusPhotonOS Local Security Checks
critical
151272Amazon Linux 2 : httpd (ALAS-2021-1674)NessusAmazon Linux Local Security Checks
critical
151196Photon OS 2.0: Httpd PHSA-2021-2.0-0365NessusPhotonOS Local Security Checks
critical
151010FreeBSD : Apache httpd -- Multiple vulnerabilities (cce76eca-ca16-11eb-9b84-d4c9ef517024)NessusFreeBSD Local Security Checks
critical
150983Amazon Linux 2 : httpd (ALAS-2021-1659)NessusAmazon Linux Local Security Checks
critical
112806Apache 2.4.x < 2.4.48 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
150334Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2021-158-01)NessusSlackware Local Security Checks
critical
150280Apache 2.4.x < 2.4.47 Multiple VulnerabilitiesNessusWeb Servers
critical