Apache 2.4.x < 2.4.39 Multiple Vulnerabilities

high Web Application Scanning Plugin ID 98530

Synopsis

Apache 2.4.x < 2.4.39 Multiple Vulnerabilities

Description

According to its banner, the version of Apache httpd running on the remote host is 2.4.x prior to 2.4.39. It is, therefore, affected by multiple vulnerabilities:

- A local privilege escalation vulnerability exists in Apache httpd 2.4.17 through 2.4.38 running the event, worker or prefork MPM. Code executing in a less-privileged child process or thread (including scripts run by an in-process interpreter such as PHP under mod_php) can execute arbitrary code with the privileges of the parent process, usually root, by manipulating the shared-memory scoreboard. (CVE-2019-0211)

- An access control bypass vulnerability exists in mod_auth_digest in 2.4.38 and earlier due to a race condition when running in a threaded server (event or worker MPM). An attacker with valid credentials could authenticate as another username, bypassing the configured access control restrictions. (CVE-2019-0217)

- An access control bypass vulnerability exists in mod_ssl in 2.4.37 and 2.4.38 when per-location client certificate verification (SSLVerifyClient inside a Location, Directory or Files container) is used with TLSv1.3, allowing a client to bypass the configured access control restrictions. (CVE-2019-0215)

Apache httpd is also affected by a read-after-free in mod_http2 request handling triggered by malformed network input (CVE-2019-0196), a crash in mod_http2 when an HTTP/1.1 to HTTP/2 Upgrade request is not the first request on a connection (CVE-2019-0197), and URL path normalization inconsistencies when the request path contains consecutive slashes, which LocationMatch and RewriteRule patterns see uncollapsed while other parts of the server collapse them (CVE-2019-0220).
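A configuration audit for the preconditions the advisories above describe, as an added example that is not part of the plugin or of the httpd project: it walks an httpd configuration (includes assumed already inlined), tracks section nesting, and reports SSLVerifyClient inside a Location/Directory/Files container while TLSv1.3 remains permitted (CVE-2019-0215), AuthType Digest under a threaded MPM (CVE-2019-0217), and a loaded in-process interpreter module, the usual vehicle for CVE-2019-0211. The SSLProtocol reading is a heuristic, the module-name sets are assumptions, and the sample configuration is constructed. It is a triage aid only; the fix remains upgrading to 2.4.39.

```python
import re
from typing import Dict, List, Set

# Containers in which SSLVerifyClient is "per-location" in the CVE-2019-0215 sense.
SCOPED_SECTIONS = {"location", "locationmatch", "directory", "directorymatch",
                   "files", "filesmatch", "proxy", "proxymatch"}
THREADED_MPMS = {"mpm_event_module", "mpm_worker_module"}
# In-process interpreters (assumed module names): the scripts they run execute inside
# the less-privileged worker child, the position CVE-2019-0211 is abused from.
IN_PROCESS_INTERPRETERS = {"php5_module", "php7_module", "php_module", "perl_module"}

_OPEN_RE = re.compile(r"^<(\w+)(?:\s[^>]*)?>$")
_CLOSE_RE = re.compile(r"^</(\w+)\s*>$")


def tls13_permitted(args: List[str]) -> bool:
    """Heuristic reading of SSLProtocol arguments. TLSv1.3 stays enabled (the default
    is 'all') unless it is removed or an unsigned protocol list that omits it replaces
    the set. Only meaningful on 2.4.37+ builds linked against OpenSSL 1.1.1."""
    permitted = True
    for tok in args:
        sign, name = "", tok.lower()
        if name[0] in "+-":
            sign, name = name[0], name[1:]
        if name in ("all", "tlsv1.3"):
            permitted = sign != "-"
        elif sign == "":
            permitted = False
    return permitted


def audit_config(config_text: str) -> List[Dict[str, str]]:
    """Return the CVE exposure conditions found in one httpd config (includes inlined)."""
    stack: List[str] = []            # enclosing sections, lower-cased
    loaded: Set[str] = set()         # LoadModule module names
    tls13 = True                     # no SSLProtocol line means the default 'all'
    digest_scopes: List[str] = []
    verify_scopes: List[str] = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _OPEN_RE.match(line)
        if m:
            stack.append(m.group(1).lower())
            continue
        m = _CLOSE_RE.match(line)
        if m:
            if stack and stack[-1] == m.group(1).lower():
                stack.pop()
            continue
        parts = line.split()
        directive, args = parts[0].lower(), parts[1:]
        where = " > ".join(stack) or "server"
        if directive == "loadmodule" and args:
            loaded.add(args[0].lower())
        elif directive == "sslprotocol":
            tls13 = tls13_permitted(args)
        elif directive == "authtype" and args and args[0].lower() == "digest":
            digest_scopes.append(where)
        elif directive == "sslverifyclient" and args and args[0].lower() != "none":
            if any(s in SCOPED_SECTIONS for s in stack):
                verify_scopes.append(where)

    findings: List[Dict[str, str]] = []
    mpm = next((n for n in sorted(loaded) if n.startswith("mpm_")), None)
    if verify_scopes and tls13:
        findings.append({"cve": "CVE-2019-0215", "where": "; ".join(verify_scopes),
                         "note": "per-location SSLVerifyClient while TLSv1.3 is permitted"})
    if digest_scopes and (mpm is None or mpm in THREADED_MPMS):
        findings.append({"cve": "CVE-2019-0217", "where": "; ".join(digest_scopes),
                         "note": f"AuthType Digest; MPM {mpm or 'not declared here, check httpd -V'}"})
    interp = sorted(loaded & IN_PROCESS_INTERPRETERS)
    if interp:
        findings.append({"cve": "CVE-2019-0211", "where": ", ".join(interp),
                         "note": "in-process interpreter executes scripts inside worker children"})
    return findings


# Constructed sample configuration, not taken from a real deployment.
SAMPLE_CONFIG = """
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule php7_module modules/libphp7.so
<VirtualHost *:443>
    SSLEngine on
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    <Location /admin>
        SSLVerifyClient require
        SSLVerifyDepth 2
    </Location>
    <Location /reports>
        AuthType Digest
        AuthName "reports"
        AuthUserFile /etc/httpd/digest.pw
        Require valid-user
    </Location>
</VirtualHost>
"""

if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG):
        print(f"{f['cve']}: {f['note']} [{f['where']}]")
```

Replacing the sample's SSLProtocol line with `SSLProtocol -all +TLSv1.2` removes the CVE-2019-0215 precondition (the bug needs TLSv1.3 in play) but nothing else, which is why this is a stop-gap and not a substitute for the upgrade; the MPM lookup is advisory because distributions often load the MPM from a separate file, so confirm it with `httpd -V`.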

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
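The banner-only decision the plugin makes, as an added illustration that is not Tenable's plugin code: it parses the HTTP Server header value, treats 2.4.x below 2.4.39 as affected, returns "unknown" when ServerTokens withholds the version, and flags banners naming a distribution that backports httpd fixes without bumping the upstream version, because those are the frequent false positives of a banner check. The distribution list is an assumption and the sample banners are constructed; nothing here contacts a host.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

# First release carrying the fixes for the CVEs on this page.
FIXED_VERSION = (2, 4, 39)

# Distributions that backport httpd security fixes without changing the upstream
# version shown in the banner (assumed list). A match means "verify against the
# package changelog", not "patched".
BACKPORTING_DISTROS = ("debian", "ubuntu", "red hat", "centos", "fedora", "suse", "oracle")

# Server header value, e.g. "Apache/2.4.38 (Ubuntu)". With "ServerTokens Prod"
# httpd sends just "Apache" and no version is available to the scanner.
_VERSION_RE = re.compile(r"^Apache/(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


@dataclass
class Verdict:
    status: str                 # vulnerable | patched | other_branch | unknown | not_apache
    version: Optional[Tuple[int, int, int]]
    backport_possible: bool     # distribution banner: a banner-only result may be a false positive
    reason: str


def parse_version(server_header: str) -> Optional[Tuple[int, int, int]]:
    """(major, minor, patch) from a Server header value, or None when withheld."""
    m = _VERSION_RE.match(server_header.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def assess(server_header: str) -> Verdict:
    """Reproduce the banner-only decision for one Server header value."""
    hdr = server_header.strip()
    if not hdr.lower().startswith("apache"):
        return Verdict("not_apache", None, False, f"{hdr!r} is not an Apache httpd banner")
    backport = any(d in hdr.lower() for d in BACKPORTING_DISTROS)
    version = parse_version(hdr)
    if version is None:
        return Verdict("unknown", None, backport,
                       "version withheld (ServerTokens Prod); banner check is inconclusive")
    if version[:2] != (2, 4):
        return Verdict("other_branch", version, backport, "not the 2.4.x branch this plugin covers")
    if version < FIXED_VERSION:
        note = "2.4.x earlier than 2.4.39"
        if backport:
            note += "; distribution banner, confirm the package changelog before reporting"
        return Verdict("vulnerable", version, backport, note)
    return Verdict("patched", version, backport, "2.4.39 or later")


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    for banner in ("Apache/2.4.38 (Ubuntu)",
                   "Apache/2.4.38 (Win64) OpenSSL/1.1.1a",
                   "Apache/2.4.39 (Unix)",
                   "Apache",
                   "Apache/2.2.34 (Unix)",
                   "nginx/1.16.0"):
        v = assess(banner)
        print(f"{banner:40} {v.status:13} {v.reason}")
```

On a Debian or Red Hat host that reports "vulnerable" with backport_possible set, check the package rather than the banner, for example `apt changelog apache2` or `rpm -q --changelog httpd`, and look for the CVE identifiers listed on this page before raising the finding.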

Solution

Upgrade to Apache httpd 2.4.39 or later, or apply a distribution package that backports the fixes for the CVEs listed below.

See Also

https://archive.apache.org/dist/httpd/CHANGES_2.4.39

https://httpd.apache.org/security/vulnerabilities_24.html#2.4.39

Plugin Details

Severity: High

ID: 98530

Type: remote

Published: 4/8/2019

Updated: 10/7/2021

Scan Template: scan, pci, api

Risk Information

CVSS Score Source: CVE-2019-0211

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Exploit Ease: No known exploits are available

Patch Publication Date: 6/11/2019

Vulnerability Publication Date: 6/11/2019

Reference Information

CVE: CVE-2019-0196, CVE-2019-0197, CVE-2019-0211, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220