CVE-2020-1927

medium

Description

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.

References

https://httpd.apache.org/security/vulnerabilities_24.html

http://www.openwall.com/lists/oss-security/2020/04/03/1

http://www.openwall.com/lists/oss-security/2020/04/04/1

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://security.netapp.com/advisory/ntap-20200413-0002/

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://usn.ubuntu.com/4458-1/

https://lists.fedoraproject.org/archives/list/[email protected]/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/

https://www.debian.org/security/2020/dsa-4757

https://lists.fedoraproject.org/archives/list/[email protected]/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/r06f0d87ebb6d59ed[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.oracle.com/security-alerts/cpuApr2021.html

Details

Source: MITRE

Published: 2020-04-02

Updated: 2021-07-09

Type: CWE-601

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from 2.4.0 to 2.4.41 (inclusive)

Tenable Plugins


ID     | Name                                                                                                                                   | Product                  | Family                                | Severity
-------|----------------------------------------------------------------------------------------------------------------------------------------|--------------------------|---------------------------------------|---------
151486 | Debian DLA-2706-1 : apache2 - LTS security update                                                                                      | Nessus                   | Debian Local Security Checks          | critical
151466 | F5 Networks BIG-IP : Apache HTTPD vulnerability (K23153696)                                                                            | Nessus                   | F5 Networks Local Security Checks     | medium
147353 | NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2021-0036)                                                | Nessus                   | NewStart CGSL Local Security Checks   | high
145821 | CentOS 8 : httpd:2.4 (CESA-2020:4751)                                                                                                  | Nessus                   | CentOS Local Security Checks          | critical
144070 | IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.18 / 9.0.0.0 < 9.0.5.4 Multiple Vulnerabilities (6191631) | Nessus                   | Web Servers                           | medium
142762 | Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)                                                                                            | Nessus                   | Oracle Linux Local Security Checks    | critical
142397 | RHEL 8 : httpd:2.4 (RHSA-2020:4751)                                                                                                    | Nessus                   | Red Hat Local Security Checks         | critical
141739 | EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2020-2224)                                                                          | Nessus                   | Huawei Local Security Checks          | medium
141711 | Scientific Linux Security Update : httpd on SL7.x x86_64 (20201001)                                                                    | Nessus                   | Scientific Linux Local Security Checks | high
141584 | CentOS 7 : httpd (CESA-2020:3958)                                                                                                      | Nessus                   | CentOS Local Security Checks          | high
141040 | RHEL 7 : httpd (RHSA-2020:3958)                                                                                                        | Nessus                   | Red Hat Local Security Checks         | high
140870 | EulerOS 2.0 SP3 : httpd (EulerOS-SA-2020-2103)                                                                                         | Nessus                   | Huawei Local Security Checks          | medium
140226 | Fedora 31 : httpd (2020-0d3d3f5072)                                                                                                    | Nessus                   | Fedora Local Security Checks          | critical
140105 | Fedora 32 : httpd (2020-189a1e6c3e)                                                                                                    | Nessus                   | Fedora Local Security Checks          | critical
140104 | Debian DSA-4757-1 : apache2 - security update                                                                                          | Nessus                   | Debian Local Security Checks          | critical
139596 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : Apache HTTP Server vulnerabilities (USN-4458-1)                                                 | Nessus                   | Ubuntu Local Security Checks          | critical
137968 | EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2020-1749)                                                                          | Nessus                   | Huawei Local Security Checks          | medium
137799 | EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1692)                                                               | Nessus                   | Huawei Local Security Checks          | medium
137492 | EulerOS 2.0 SP2 : httpd (EulerOS-SA-2020-1650)                                                                                         | Nessus                   | Huawei Local Security Checks          | medium
137093 | Amazon Linux AMI : httpd24 (ALAS-2020-1370)                                                                                            | Nessus                   | Amazon Linux Local Security Checks    | medium
137019 | EulerOS 2.0 SP5 : httpd (EulerOS-SA-2020-1601)                                                                                         | Nessus                   | Huawei Local Security Checks          | medium
136750 | Amazon Linux 2 : httpd (ALAS-2020-1427)                                                                                                | Nessus                   | Amazon Linux Local Security Checks    | medium
136662 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2020:1272-1)                                                                            | Nessus                   | SuSE Local Security Checks            | critical
136310 | openSUSE Security Update : apache2 (openSUSE-2020-597)                                                                                 | Nessus                   | SuSE Local Security Checks            | critical
136255 | EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)                                                               | Nessus                   | Huawei Local Security Checks          | medium
136106 | Photon OS 1.0: Httpd PHSA-2020-1.0-0290                                                                                                | Nessus                   | PhotonOS Local Security Checks        | medium
136078 | SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2020:1126-1)                                                                   | Nessus                   | SuSE Local Security Checks            | critical
136014 | SUSE SLES12 Security Update : apache2 (SUSE-SU-2020:1111-1)                                                                            | Nessus                   | SuSE Local Security Checks            | critical
135864 | Photon OS 2.0: Httpd PHSA-2020-2.0-0228                                                                                                | Nessus                   | PhotonOS Local Security Checks        | medium
135787 | Photon OS 3.0: Httpd PHSA-2020-3.0-0079                                                                                                | Nessus                   | PhotonOS Local Security Checks        | medium
135738 | EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1505)                                                                                         | Nessus                   | Huawei Local Security Checks          | medium
98998  | Apache 2.4.x < 2.4.43 Multiple Vulnerabilities                                                                                         | Web Application Scanning | Component Vulnerability               | medium
135290 | Apache 2.4.x < 2.4.42 Multiple Vulnerabilities                                                                                         | Nessus                   | Web Servers                           | medium
135194 | FreeBSD : Apache -- Multiple vulnerabilities (b360b120-74b1-11ea-a84a-4c72b94353b5)                                                    | Nessus                   | FreeBSD Local Security Checks         | medium