CVE-2020-11993


Description

Apache HTTP Server versions 2.4.20 to 2.4.43: when trace/debug logging was enabled for the HTTP/2 module (mod_http2), certain traffic edge patterns caused logging statements to be made on the wrong connection, leading to concurrent use of memory pools. CVSS v3 rates the result as an unauthenticated, network-reachable denial of service (availability impact only). Configuring the LogLevel of mod_http2 no more verbose than "info" (that is, not "debug" or any "trace" level) mitigates this on unpatched servers; the fix shipped in 2.4.46 (the Tenable version checks below flag 2.4.x < 2.4.46).
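The two conditions the description names, an httpd release in the affected range and mod_http2 logging at debug or trace, can be checked from a configuration file. The POSIX shell script below is an added example written for this page; it is not from the Apache advisory, the CVE record or the httpd project. The two configurations it examines are constructed for the demonstration, and its treatment of LogLevel is a simplification: the last "http2:<level>" token in the file wins, otherwise the last bare level, and <VirtualHost> scoping is ignored so that a verbose level anywhere in the file is reported.

```shell
#!/bin/sh
# Added example, not from the Apache advisory or the CVE record.
# Checks the two conditions the description gives for an unpatched httpd
# being exposed to CVE-2020-11993: a release in 2.4.20..2.4.43 and mod_http2
# logging at "debug" or a "trace" level.
# Assumptions (mine, not Apache's): the last "http2:<level>" token in the
# configuration wins, otherwise the last bare level; <VirtualHost> scoping is
# ignored, so a verbose level anywhere in the file is reported.

# level_rank LEVEL -> number; higher means more verbose (emerg=0 .. trace8=15).
level_rank() {
    case "$1" in
        emerg) echo 0 ;;  alert) echo 1 ;;  crit) echo 2 ;;   error) echo 3 ;;
        warn)  echo 4 ;;  notice) echo 5 ;; info) echo 6 ;;   debug) echo 7 ;;
        trace[1-8]) echo $(( 7 + ${1#trace} )) ;;
        *) echo -1 ;;
    esac
}

# version_affected VERSION -> 0 when VERSION is within 2.4.20..2.4.43.
# Accepts the form "httpd -v" prints, e.g. "Apache/2.4.41 (Ubuntu)".
version_affected() {
    v=${1#Apache/}
    case "$v" in *.*.*) ;; *) return 1 ;; esac
    maj=${v%%.*}; rest=${v#*.}
    min=${rest%%.*}; pat=${rest#*.}
    pat=${pat%%[!0-9]*}                    # drop "-4ubuntu", " (Ubuntu)", ...
    [ -n "$pat" ] || return 1
    [ "$maj" = 2 ] && [ "$min" = 4 ] && [ "$pat" -ge 20 ] && [ "$pat" -le 43 ]
}

# effective_http2_loglevel reads httpd configuration on stdin and prints the
# level mod_http2 logs at, honouring per-module overrides such as
# "LogLevel warn http2:trace2" (also spelled mod_http2.c: or http2_module:).
effective_http2_loglevel() {
    global=warn                            # httpd's compiled-in default
    http2=""
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                   # strip comments
        set -- $line                       # split the directive into words
        case "$1" in [Ll][Oo][Gg][Ll][Ee][Vv][Ee][Ll]) ;; *) continue ;; esac
        shift
        for tok in "$@"; do
            case "$tok" in
                http2:*|mod_http2.c:*|http2_module:*) http2=${tok#*:} ;;
                *:*) ;;                    # override for some other module
                *)   global=$tok ;;
            esac
        done
    done
    echo "${http2:-$global}"
}

# http2_logging_triggers_bug LEVEL -> 0 when LEVEL is debug or trace1..trace8,
# the logging the description says is needed for the wrong-connection logging.
http2_logging_triggers_bug() {
    [ "$(level_rank "$1")" -ge "$(level_rank debug)" ]
}

# exposed VERSION CONFIG_TEXT -> 0 when both conditions hold.
exposed() {
    lvl=$(printf '%s\n' "$2" | effective_http2_loglevel)
    version_affected "$1" && http2_logging_triggers_bug "$lvl"
}

# report VERSION CONFIG_TEXT -> one verdict line.
report() {
    lvl=$(printf '%s\n' "$2" | effective_http2_loglevel)
    if exposed "$1" "$2"; then
        echo "EXPOSED: httpd $1 with mod_http2 at LogLevel $lvl (CVE-2020-11993)"
    else
        echo "ok: httpd $1 with mod_http2 at LogLevel $lvl"
    fi
}

# Constructed configurations for the demonstration, not taken from any server.
# Weak: HTTP/2 tracing left on after a debugging session.
SAMPLE_VULNERABLE_CONF='
LoadModule http2_module modules/mod_http2.so
Protocols h2 http/1.1
LogLevel warn
# temporary, forgot to remove:
LogLevel warn http2:trace2
'
# Mitigated: the server stays at debug overall, but mod_http2 is capped at
# info, the per-module cap the advisory describes as the workaround.
SAMPLE_MITIGATED_CONF='
LoadModule http2_module modules/mod_http2.so
Protocols h2 http/1.1
LogLevel debug http2:info
'

report 2.4.41 "$SAMPLE_VULNERABLE_CONF"   # EXPOSED
report 2.4.41 "$SAMPLE_MITIGATED_CONF"    # ok (workaround; still upgrade)
report 2.4.46 "$SAMPLE_VULNERABLE_CONF"   # ok (fixed release)
```

On a real host, feed the version from `httpd -v` (or `apache2 -v`) and the output of `httpd -t -D DUMP_INCLUDES` or the concatenated configuration files to `exposed`; the workaround keeps an unpatched server out of the triggering state but is no substitute for upgrading to 2.4.46 or a vendor build carrying the fix.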

References

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993

https://security.gentoo.org/glsa/202008-04

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

https://security.netapp.com/advisory/ntap-20200814-0005/

https://usn.ubuntu.com/4458-1/

https://lists.fedoraproject.org/archives/list/[email protected]/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html

http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html

https://www.debian.org/security/2020/dsa-4757

https://www.oracle.com/security-alerts/cpuoct2020.html

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html

http://packetstormsecurity.com/files/160393/Apache-2-HTTP2-Module-Concurrent-Pool-Usage.html

https://www.oracle.com/security-alerts/cpujan2021.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2020-08-07

Updated: 2021-06-06

Type: CWE-444

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

28 plugins in total. Plugin severities are those of the whole advisory each plugin checks (many cover multiple vulnerabilities), so they can exceed this CVE's own rating.

ID | Name | Product | Family | Severity
149913 | Oracle Linux 8 : httpd:2.4 (ELSA-2021-1809) | Nessus | Oracle Linux Local Security Checks | critical
149737 | CentOS 8 : httpd:2.4 (CESA-2021:1809) | Nessus | CentOS Local Security Checks | critical
149696 | RHEL 8 : httpd:2.4 (RHSA-2021:1809) | Nessus | Red Hat Local Security Checks | critical
147602 | EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2021-1602) | Nessus | Huawei Local Security Checks | critical
143613 | SUSE SLES15 Security Update : apache2 (SUSE-SU-2020:3067-1) | Nessus | SuSE Local Security Checks | high
143158 | Amazon Linux 2 : httpd (ALAS-2020-1490) | Nessus | Amazon Linux Local Security Checks | critical
142207 | openSUSE Security Update : apache2 (openSUSE-2020-1792) | Nessus | SuSE Local Security Checks | high
142025 | RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 (RHSA-2020:4384) | Nessus | Red Hat Local Security Checks | critical
140966 | EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-2018) | Nessus | Huawei Local Security Checks | critical
140635 | Amazon Linux 2 : mod_http2 (ALAS-2020-1493) | Nessus | Amazon Linux Local Security Checks | high
112580 | Apache 2.4.x < 2.4.46 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical
140252 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2020:2450-1) | Nessus | SuSE Local Security Checks | medium
140104 | Debian DSA-4757-1 : apache2 - security update | Nessus | Debian Local Security Checks | critical
140086 | Amazon Linux AMI : httpd24 (ALAS-2020-1418) | Nessus | Amazon Linux Local Security Checks | critical
140078 | openSUSE Security Update : apache2 (openSUSE-2020-1293) | Nessus | SuSE Local Security Checks | critical
140076 | openSUSE Security Update : apache2 (openSUSE-2020-1285) | Nessus | SuSE Local Security Checks | critical
139957 | EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1854) | Nessus | Huawei Local Security Checks | critical
139906 | SUSE SLES15 Security Update : apache2 (SUSE-SU-2020:2344-1) | Nessus | SuSE Local Security Checks | critical
139884 | Fedora 31 : mod_http2 (2020-b58dc5df38) | Nessus | Fedora Local Security Checks | high
139844 | SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2020:2311-1) | Nessus | SuSE Local Security Checks | critical
139736 | Fedora 32 : mod_http2 (2020-8122a8daa2) | Nessus | Fedora Local Security Checks | high
139697 | Photon OS 1.0: Httpd PHSA-2020-1.0-0313 | Nessus | PhotonOS Local Security Checks | critical
139612 | Photon OS 3.0: Httpd PHSA-2020-3.0-0125 | Nessus | PhotonOS Local Security Checks | critical
139609 | Photon OS 2.0: Httpd PHSA-2020-2.0-0272 | Nessus | PhotonOS Local Security Checks | critical
139596 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : Apache HTTP Server vulnerabilities (USN-4458-1) | Nessus | Ubuntu Local Security Checks | critical
139574 | Apache 2.4.x < 2.4.46 Multiple Vulnerabilities | Nessus | Web Servers | critical
139439 | GLSA-202008-04 : Apache: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical
139436 | FreeBSD : Apache httpd -- Multiple vulnerabilities (76700d2f-d959-11ea-b53c-d4c9ef517024) | Nessus | FreeBSD Local Security Checks | critical