This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:http_server:2.2
Detail
VendorApacheFirst view 2006-07-27
ProductHttp ServerLast view2019-04-08
Version2.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:http_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
62019-04-08CVE-2019-0217NetworkMediumRequires ...
52019-01-30CVE-2018-17189NetworkLowNone Requ...
52018-03-26CVE-2018-1303NetworkLowNone Requ...
4.32018-03-26CVE-2018-1302NetworkMediumNone Requ...
4.32018-03-26CVE-2018-1301NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.32018-03-09CVE-2016-8612Adjacent ...LowNone Requ...
52017-09-18CVE-2017-9798NetworkLowNone Requ...
6.42017-07-13CVE-2017-9788NetworkLowNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
52015-07-20CVE-2015-3183NetworkLowNone Requ...
52015-03-07CVE-2015-0228NetworkLowNone Requ...
52014-07-20CVE-2014-0231NetworkLowNone Requ...
6.82014-07-20CVE-2014-0226NetworkMediumNone Requ...
4.32014-07-20CVE-2014-0118NetworkMediumNone Requ...
52014-03-18CVE-2014-0098NetworkLowNone Requ...
52014-03-18CVE-2013-6438NetworkLowNone Requ...
7.52013-07-23CVE-2013-2249NetworkLowNone Requ...
4.32013-07-10CVE-2013-1896NetworkMediumNone Requ...
5.12013-06-10CVE-2013-1862NetworkHighNone Requ...
4.32013-02-26CVE-2012-4558NetworkMediumNone Requ...
4.32013-02-26CVE-2012-3499NetworkMediumNone Requ...
6.92012-04-18CVE-2012-0883LocalMediumNone Requ...
4.32012-01-27CVE-2012-0053NetworkMediumNone Requ...
4.62012-01-18CVE-2012-0031LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
20% (8)CWE-399Resource Management Errors
17% (7)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
15% (6)CWE-20Improper Input Validation
7% (3)CWE-264Permissions, Privileges, and Access Controls
5% (2)CWE-362Race Condition
Hide | Show 12 More...
%idName
5% (2)CWE-310Cryptographic Issues
5% (2)CWE-200Information Exposure
2% (1)CWE-476NULL Pointer Dereference
2% (1)CWE-416Use After Free
2% (1)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1)CWE-284Access Control (Authorization) Issues
2% (1)CWE-189Numeric Errors
2% (1)CWE-125Out-of-bounds Read
2% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
2% (1)CWE-17Code
2% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-86Embedding Script (XSS ) in HTTP Headers

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:25379RHSA-2014:0920: httpd security update (Important)
oval:org.mitre.oval:def:25253RHSA-2014:0921: httpd security update (Important)
oval:org.mitre.oval:def:26259DSA-2989-1 -- apache2 - security update
oval:org.mitre.oval:def:25884USN-2299-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:26461SUSE-SU-2014:0967-1 -- Security update for the Apache Web Server
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:27060ELSA-2014-0920 -- httpd security update (important)
oval:org.mitre.oval:def:28909HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:18977HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary...
oval:org.mitre.oval:def:12238HP-UX Apache-based Web Server, Local Information Disclosure, Increase of Priv...
oval:org.mitre.oval:def:10352http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1...
oval:org.mitre.oval:def:8695Apache HTTP Server request header information disclosure
oval:org.mitre.oval:def:7161DSA-2035 apache2 -- multiple issues
oval:org.mitre.oval:def:21223RHSA-2010:0168: httpd security and enhancement update (Moderate)
oval:org.mitre.oval:def:13227DSA-2035-1 apache2 -- multiple issues
oval:org.mitre.oval:def:13100USN-908-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:10358The ap_read_request function in server/protocol.c in the Apache HTTP Server 2...
oval:org.mitre.oval:def:22685ELSA-2010:0168: httpd security and enhancement update (Moderate)
oval:org.mitre.oval:def:27438DEPRECATED: ELSA-2010-0168 -- httpd security and enhancement update (moderate)
oval:org.mitre.oval:def:19739HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:21205RHSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:19747HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Servi...
oval:org.mitre.oval:def:18835Apache HTTP vulnerability before 2.2.25 in VisualSVN Server (CVE-2013-1896)
oval:org.mitre.oval:def:18274USN-1903-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:23801ELSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:23320DEPRECATED: ELSA-2013:1156: httpd security update (Moderate)

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78556Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Dis...
78293Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
78079GoAhead WebServer Partial HTTP Request Parsing Remote DoS
77832Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
75647Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remot...
Hide | Show 20 More...
idDescription
75622Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74335Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
73388Multiple Vendor libc Implentation fnmatch.c Memory Consumption DoS
73383Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop...
71961Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66745Apache HTTP Server Multiple Modules Pathless Request Remote DoS
66315HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection
64725HP System Management Homepage (SMH) TLS Renegotiation Handshakes MiTM Plainte...
64499ArubaOS HTTPS WebUI Admin Interface TLS Renegotiation Handshakes MiTM Plainte...
64040IBM DB2 TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62877SSH Tectia Audit Player TLS Renegotiation Handshakes MiTM Plaintext Data Inje...
62676Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
62675Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling C...

ExploitDB Exploits

idDescription
17393Oracle HTTP Server XSS Header Injection
10579TLS Renegotiation Vulnerability PoC Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-03Name : Mandriva Update for apache MDVSA-2012:154-1 (apache)
File : nvt/gb_mandriva_MDVSA_2012_154_1.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-10Name : Slackware Advisory SSA:2011-133-01 apr/apr-util
File : nvt/esoft_slk_ssa_2011_133_01.nasl
2012-09-10Name : Slackware Advisory SSA:2011-284-01 httpd
File : nvt/esoft_slk_ssa_2011_284_01.nasl
2012-09-10Name : Slackware Advisory SSA:2012-041-01 httpd
File : nvt/esoft_slk_ssa_2012_041_01.nasl
Hide | Show 20 More...
idDescription
2012-08-10Name : FreeBSD Ports: apache
File : nvt/freebsd_apache21.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-25 (apache)
File : nvt/glsa_201206_25.nasl
2012-08-02Name : SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
File : nvt/gb_suse_2012_0314_1.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos4 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0507 centos5 x86_64
File : nvt/gb_CESA-2011_0507_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos4 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for apr CESA-2011:0844 centos5 x86_64
File : nvt/gb_CESA-2011_0844_apr_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2012:0128 centos6
File : nvt/gb_CESA-2012_0128_httpd_centos6.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2011:1391-01
File : nvt/gb_RHSA-2011_1391-01_httpd.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2012:0128-01
File : nvt/gb_RHSA-2012_0128-01_httpd.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-22 (nginx)
File : nvt/glsa_201203_22.nasl
2012-04-26Name : Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
File : nvt/secpod_apache_http_srv_cookie_info_disc_vuln.nasl
2012-04-02Name : Fedora Update for httpd FEDORA-2012-1598
File : nvt/gb_fedora_2012_1598_httpd_fc16.nasl
2012-03-16Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-07Name : Fedora Update for httpd FEDORA-2012-1642
File : nvt/gb_fedora_2012_1642_httpd_fc15.nasl
2012-03-07Name : Fedora Update for apr FEDORA-2012-1656
File : nvt/gb_fedora_2012_1656_apr_fc15.nasl
2012-02-27Name : RedHat Update for httpd RHSA-2012:0323-01
File : nvt/gb_RHSA-2012_0323-01_httpd.nasl
2012-02-21Name : Ubuntu Update for apache2 USN-1368-1
File : nvt/gb_ubuntu_USN_1368_1.nasl
2012-02-13Name : Debian Security Advisory DSA 2405-1 (apache2)
File : nvt/deb_2405_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0174Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0061135
2015-A-0149Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance
Severity : Category I - VMSKEY : V0061101
2015-B-0083Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
Hide | Show 10 More...
idDescription
2014-A-0114Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0053307
2014-A-0084Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0052631
2014-B-0065Multiple Vulnerabilities in IBM WebSphere Application Server
Severity : Category I - VMSKEY : V0051617
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2014-A-0009Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-A-0146Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573
2012-B-0048Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2012-B-0038Multiple Vulnerabilities in HP Onboard Administrator
Severity : Category I - VMSKEY : V0031972
2011-A-0066Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

DateDescription
2018-06-05HTTP request smuggling attempt
RuleID : 46495 - Type : SERVER-OTHER - Revision : 4
2017-12-13Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ...
RuleID : 44808 - Type : INDICATOR-COMPROMISE - Revision : 2
2017-10-26Apache HTTP Server possible OPTIONS method memory leak attempt
RuleID : 44434 - Type : SERVER-APACHE - Revision : 5
2017-08-31Apache mod_auth_digest out of bounds read attempt
RuleID : 43790 - Type : SERVER-OTHER - Revision : 2
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
Hide | Show 7 More...
DateDescription
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
2016-04-05Apache HTTP server potential cookie disclosure attempt
RuleID : 37968 - Type : SERVER-WEBAPP - Revision : 1
2015-09-01Apache HTTP Server mod_status heap buffer overflow attempt
RuleID : 35406 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache mod_proxy_balancer cross site scripting attempt
RuleID : 26431 - Type : SERVER-WEBAPP - Revision : 3
2014-01-10Apache APR apr_fn match infinite loop denial of service attempt
RuleID : 19709 - Type : SERVER-APACHE - Revision : 4
2014-01-10Apache http Server mod_tcl format string attempt
RuleID : 16021 - Type : SERVER-APACHE - Revision : 9
2014-01-10Apache mod_imagemap cross site scripting attempt
RuleID : 13302 - Type : SERVER-APACHE - Revision : 12

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-eec13e2e8d.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-6744ca470d.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2478.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2972.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0027.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0126.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0037.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0039.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1212.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1213.nasl - Type : ACT_GATHER_INFO
2018-05-31Name : The remote Debian host is missing a security update.
File : debian_DLA-1389.nasl - Type : ACT_GATHER_INFO
2018-05-14Name : The remote Fedora host is missing a security update.
File : fedora_2018-e6d9251471.nasl - Type : ACT_GATHER_INFO
2018-05-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1004.nasl - Type : ACT_GATHER_INFO
2018-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2018-63de5f3f6b.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-0a95bff197.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-375e3244b6.nasl - Type : ACT_GATHER_INFO
2018-04-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4164.nasl - Type : ACT_GATHER_INFO
2018-04-03Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2018-03-30Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_30.nasl - Type : ACT_GATHER_INFO
2018-03-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f38187e72f6e11e88f07b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-03-21Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa_10838.nasl - Type : ACT_GATHER_INFO
2018-03-09Name : The remote web server is affected by multiple vulnerabilities.
File : nginx_0_7_64.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-fdd3a98e8f.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_2.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2017-005.nasl - Type : ACT_GATHER_INFO