CVE-2020-11984HIGH
Description
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
References
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html
http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html
http://www.openwall.com/lists/oss-security/2020/08/08/1
http://www.openwall.com/lists/oss-security/2020/08/08/10
http://www.openwall.com/lists/oss-security/2020/08/08/8
http://www.openwall.com/lists/oss-security/2020/08/08/9
http://www.openwall.com/lists/oss-security/2020/08/10/5
http://www.openwall.com/lists/oss-security/2020/08/17/2
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html
https://security.gentoo.org/glsa/202008-04
https://security.netapp.com/advisory/ntap-20200814-0005/
https://usn.ubuntu.com/4458-1/
https://www.debian.org/security/2020/dsa-4757
Details
Source: MITRE
Published: 2020-08-07
Updated: 2021-03-30
Type: CWE-120
Risk Information
CVSS v2.0
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
CVSS v3.0
Base Score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from 2.4.32 to 2.4.43 (inclusive)
Configuration 2
OR
Configuration 3
OR
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Configuration 4
OR
Configuration 5
OR
Configuration 6
OR
Configuration 7
OR
cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:* versions from 8.2.0 to 8.2.2 (inclusive)
cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:* versions from 8.2.0 to 8.2.2 (inclusive)
cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:* versions from 8.2.0 to 8.2.2 (inclusive)
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 147602 | EulerOS : httpd (EulerOS-SA-2021-1602) | Nessus | Huawei Local Security Checks | high |
| 145225 | Oracle Enterprise Manager Ops Center (Jan 2021 CPU) | Nessus | Misc. | high |
| 143158 | Amazon Linux 2 : httpd (ALAS-2020-1490) | Nessus | Amazon Linux Local Security Checks | high |
| 142025 | RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 (RHSA-2020:4384) | Nessus | Red Hat Local Security Checks | high |
| 140966 | EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-2018) | Nessus | Huawei Local Security Checks | high |
| 112580 | Apache 2.4.x < 2.4.46 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | high |
| 140226 | Fedora 31 : httpd (2020-0d3d3f5072) | Nessus | Fedora Local Security Checks | high |
| 140224 | Debian DLA-2362-1 : uwsgi security update | Nessus | Debian Local Security Checks | high |
| 140105 | Fedora 32 : httpd (2020-189a1e6c3e) | Nessus | Fedora Local Security Checks | high |
| 140104 | Debian DSA-4757-1 : apache2 - security update | Nessus | Debian Local Security Checks | high |
| 140086 | Amazon Linux AMI : httpd24 (ALAS-2020-1418) | Nessus | Amazon Linux Local Security Checks | high |
| 140078 | openSUSE Security Update : apache2 (openSUSE-2020-1293) | Nessus | SuSE Local Security Checks | high |
| 140076 | openSUSE Security Update : apache2 (openSUSE-2020-1285) | Nessus | SuSE Local Security Checks | high |
| 139957 | EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1854) | Nessus | Huawei Local Security Checks | high |
| 139906 | SUSE SLES15 Security Update : apache2 (SUSE-SU-2020:2344-1) | Nessus | SuSE Local Security Checks | high |
| 139844 | SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2020:2311-1) | Nessus | SuSE Local Security Checks | high |
| 139697 | Photon OS 1.0: Httpd PHSA-2020-1.0-0313 | Nessus | PhotonOS Local Security Checks | high |
| 139612 | Photon OS 3.0: Httpd PHSA-2020-3.0-0125 | Nessus | PhotonOS Local Security Checks | high |
| 139609 | Photon OS 2.0: Httpd PHSA-2020-2.0-0272 | Nessus | PhotonOS Local Security Checks | high |
| 139596 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : Apache HTTP Server vulnerabilities (USN-4458-1) | Nessus | Ubuntu Local Security Checks | high |
| 139574 | Apache 2.4.x < 2.4.46 Multiple Vulnerabilities | Nessus | Web Servers | high |
| 139439 | GLSA-202008-04 : Apache: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 139436 | FreeBSD : Apache httpd -- Multiple vulnerabilities (76700d2f-d959-11ea-b53c-d4c9ef517024) | Nessus | FreeBSD Local Security Checks | high |