This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:http_server:2.2.21
Detail
VendorApacheFirst view 2009-07-05
ProductHttp ServerLast view2019-04-08
Version2.2.21TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:http_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
62019-04-08CVE-2019-0217NetworkMediumRequires ...
52019-01-30CVE-2018-17189NetworkLowNone Requ...
4.32018-08-14CVE-2016-4975NetworkMediumNone Requ...
52018-03-26CVE-2018-1303NetworkLowNone Requ...
4.32018-03-26CVE-2018-1302NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32018-03-26CVE-2018-1301NetworkMediumNone Requ...
3.32018-03-09CVE-2016-8612Adjacent ...LowNone Requ...
52017-09-18CVE-2017-9798NetworkLowNone Requ...
6.42017-07-13CVE-2017-9788NetworkLowNone Requ...
7.52017-06-19CVE-2017-7679NetworkLowNone Requ...
7.52017-06-19CVE-2017-7668NetworkLowNone Requ...
7.52017-06-19CVE-2017-3169NetworkLowNone Requ...
7.52017-06-19CVE-2017-3167NetworkLowNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
52015-07-20CVE-2015-3183NetworkLowNone Requ...
52015-03-07CVE-2015-0228NetworkLowNone Requ...
52014-07-20CVE-2014-0231NetworkLowNone Requ...
6.82014-07-20CVE-2014-0226NetworkMediumNone Requ...
4.32014-07-20CVE-2014-0118NetworkMediumNone Requ...
52014-03-18CVE-2014-0098NetworkLowNone Requ...
52014-03-18CVE-2013-6438NetworkLowNone Requ...
7.52013-07-23CVE-2013-2249NetworkLowNone Requ...
4.32013-07-10CVE-2013-1896NetworkMediumNone Requ...
5.12013-06-10CVE-2013-1862NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (11)CWE-20Improper Input Validation
10% (4)CWE-399Resource Management Errors
7% (3)CWE-264Permissions, Privileges, and Access Controls
7% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (2)CWE-476NULL Pointer Dereference
Hide | Show 12 More...
%idName
5% (2)CWE-362Race Condition
5% (2)CWE-189Numeric Errors
5% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1)CWE-416Use After Free
2% (1)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1)CWE-310Cryptographic Issues
2% (1)CWE-287Improper Authentication
2% (1)CWE-284Access Control (Authorization) Issues
2% (1)CWE-200Information Exposure
2% (1)CWE-125Out-of-bounds Read
2% (1)CWE-93Failure to Sanitize CRLF Sequences ('CRLF Injection')
2% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:21066RHSA-2013:0512: httpd security, bug fix, and enhancement update (Low)
oval:org.mitre.oval:def:19284HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...
oval:org.mitre.oval:def:18938HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary...
oval:org.mitre.oval:def:23943ELSA-2013:0512: httpd security, bug fix, and enhancement update (Low)
oval:org.mitre.oval:def:27395DEPRECATED: ELSA-2013-0512 -- httpd security, bug fix, and enhancement update...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:25379RHSA-2014:0920: httpd security update (Important)
oval:org.mitre.oval:def:25253RHSA-2014:0921: httpd security update (Important)
oval:org.mitre.oval:def:26259DSA-2989-1 -- apache2 - security update
oval:org.mitre.oval:def:25884USN-2299-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:26461SUSE-SU-2014:0967-1 -- Security update for the Apache Web Server
oval:org.mitre.oval:def:27060ELSA-2014-0920 -- httpd security update (important)
oval:org.mitre.oval:def:28909HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:18977HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary...
oval:org.mitre.oval:def:19686HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:19739HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Priv...
oval:org.mitre.oval:def:21205RHSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:19747HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Servi...
oval:org.mitre.oval:def:18835Apache HTTP vulnerability before 2.2.25 in VisualSVN Server (CVE-2013-1896)
oval:org.mitre.oval:def:18274USN-1903-1 -- apache2 vulnerabilities
oval:org.mitre.oval:def:23801ELSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:23320DEPRECATED: ELSA-2013:1156: httpd security update (Moderate)
oval:org.mitre.oval:def:26836SUSE-SU-2014:1082-1 -- Security update for apache2
oval:org.mitre.oval:def:27412DEPRECATED: ELSA-2013-1156 -- httpd security update (moderate)
oval:org.mitre.oval:def:21017RHSA-2013:0130: httpd security, bug fix, and enhancement update (Low)
oval:org.mitre.oval:def:19539HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...

Open Source Vulnerability Database (OSVDB)

idDescription
78556Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Dis...
78555Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handl...
78293Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
77310Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (201...
77012Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
Hide | Show 3 More...
idDescription
76744Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handlin...
76079Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Secur...
55553Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Functi...

ExploitDB Exploits

idDescription
17969Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-06Name : Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)
File : nvt/gb_apache_mod_proxy_ajp_process_timeout_dos_vuln_win.nasl
2012-12-04Name : Debian Security Advisory DSA 2579-1 (apache2)
File : nvt/deb_2579_1.nasl
2012-11-26Name : FreeBSD Ports: apache22
File : nvt/freebsd_apache22.nasl
2012-11-09Name : Ubuntu Update for apache2 USN-1627-1
File : nvt/gb_ubuntu_USN_1627_1.nasl
2012-10-03Name : Mandriva Update for apache MDVSA-2012:154-1 (apache)
File : nvt/gb_mandriva_MDVSA_2012_154_1.nasl
Hide | Show 20 More...
idDescription
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-10Name : Slackware Advisory SSA:2012-041-01 httpd
File : nvt/esoft_slk_ssa_2012_041_01.nasl
2012-08-10Name : FreeBSD Ports: apache
File : nvt/freebsd_apache21.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-25 (apache)
File : nvt/glsa_201206_25.nasl
2012-08-02Name : SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
File : nvt/gb_suse_2012_0314_1.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos4 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2011:1392 centos5 x86_64
File : nvt/gb_CESA-2011_1392_httpd_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for httpd CESA-2012:0128 centos6
File : nvt/gb_CESA-2012_0128_httpd_centos6.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2011:1391-01
File : nvt/gb_RHSA-2011_1391-01_httpd.nasl
2012-07-09Name : RedHat Update for httpd RHSA-2012:0128-01
File : nvt/gb_RHSA-2012_0128-01_httpd.nasl
2012-04-26Name : Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
File : nvt/secpod_apache_http_srv_cookie_info_disc_vuln.nasl
2012-04-02Name : Fedora Update for httpd FEDORA-2012-1598
File : nvt/gb_fedora_2012_1598_httpd_fc16.nasl
2012-03-07Name : Fedora Update for httpd FEDORA-2012-1642
File : nvt/gb_fedora_2012_1642_httpd_fc15.nasl
2012-02-27Name : RedHat Update for httpd RHSA-2012:0323-01
File : nvt/gb_RHSA-2012_0323-01_httpd.nasl
2012-02-21Name : Ubuntu Update for apache2 USN-1368-1
File : nvt/gb_ubuntu_USN_1368_1.nasl
2012-02-13Name : Debian Security Advisory DSA 2405-1 (apache2)
File : nvt/deb_2405_1.nasl
2012-02-12Name : FreeBSD Ports: apache
File : nvt/freebsd_apache20.nasl
2012-02-03Name : Mandriva Update for apache MDVSA-2012:012 (apache)
File : nvt/gb_mandriva_MDVSA_2012_012.nasl
2012-01-13Name : Mandriva Update for apache MDVSA-2012:003 (apache)
File : nvt/gb_mandriva_MDVSA_2012_003.nasl
2011-11-15Name : Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
File : nvt/gb_apache_50639.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0174Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0061135
2015-A-0149Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance
Severity : Category I - VMSKEY : V0061101
2014-A-0172Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0057381
2014-A-0114Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0053307
Hide | Show 6 More...
idDescription
2014-A-0084Multiple Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0052631
2014-B-0065Multiple Vulnerabilities in IBM WebSphere Application Server
Severity : Category I - VMSKEY : V0051617
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2014-A-0009Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-A-0146Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573

Snort® IPS/IDS

DateDescription
2018-06-05HTTP request smuggling attempt
RuleID : 46495 - Type : SERVER-OTHER - Revision : 4
2017-12-13Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ...
RuleID : 44808 - Type : INDICATOR-COMPROMISE - Revision : 2
2017-10-26Apache HTTP Server possible OPTIONS method memory leak attempt
RuleID : 44434 - Type : SERVER-APACHE - Revision : 5
2017-08-31Apache mod_auth_digest out of bounds read attempt
RuleID : 43790 - Type : SERVER-OTHER - Revision : 2
2017-08-17Multiple products HTTP connection header overflow attempt
RuleID : 43587 - Type : SERVER-WEBAPP - Revision : 4
Hide | Show 13 More...
DateDescription
2017-08-15httpd mod_mime content-type buffer overflow attempt
RuleID : 43547 - Type : SERVER-APACHE - Revision : 2
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
2016-04-05Apache HTTP server potential cookie disclosure attempt
RuleID : 37968 - Type : SERVER-WEBAPP - Revision : 1
2015-09-01Apache HTTP Server mod_status heap buffer overflow attempt
RuleID : 35406 - Type : SERVER-APACHE - Revision : 4
2015-05-12Apache mod_log_config cookie handling denial of service attempt
RuleID : 34048 - Type : SERVER-APACHE - Revision : 2
2014-01-10Apache mod_proxy_balancer cross site scripting attempt
RuleID : 26431 - Type : SERVER-WEBAPP - Revision : 3
2014-01-10Apache mod_log_config cookie handling denial of service attempt
RuleID : 24698 - Type : SERVER-APACHE - Revision : 6
2014-01-10Apache mod_log_config cookie handling denial of service attempt
RuleID : 24697 - Type : SERVER-APACHE - Revision : 7
2014-01-10Apache server mod_proxy reverse proxy bypass attempt
RuleID : 21214 - Type : SERVER-APACHE - Revision : 11
2014-01-10Apache server mod_proxy reverse proxy exposure attempt
RuleID : 20580 - Type : WEB-MISC - Revision : 2
2014-01-10Apache mod_proxy reverse proxy information disclosure attempt
RuleID : 20528 - Type : SERVER-APACHE - Revision : 13
2014-01-10Apache mod_ssl non-SSL connection to SSL port denial of service attempt
RuleID : 11263 - Type : SERVER-APACHE - Revision : 8

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-eec13e2e8d.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-6744ca470d.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2478.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2972.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0027.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0126.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0037.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0039.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1212.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1213.nasl - Type : ACT_GATHER_INFO
2018-05-31Name : The remote Debian host is missing a security update.
File : debian_DLA-1389.nasl - Type : ACT_GATHER_INFO
2018-05-24Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL75429050.nasl - Type : ACT_GATHER_INFO
2018-05-14Name : The remote Fedora host is missing a security update.
File : fedora_2018-e6d9251471.nasl - Type : ACT_GATHER_INFO
2018-05-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1004.nasl - Type : ACT_GATHER_INFO
2018-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2018-63de5f3f6b.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-0a95bff197.nasl - Type : ACT_GATHER_INFO
2018-04-06Name : The remote Fedora host is missing a security update.
File : fedora_2018-375e3244b6.nasl - Type : ACT_GATHER_INFO
2018-04-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4164.nasl - Type : ACT_GATHER_INFO
2018-03-30Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_30.nasl - Type : ACT_GATHER_INFO
2018-03-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f38187e72f6e11e88f07b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-03-21Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa_10838.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-fdd3a98e8f.nasl - Type : ACT_GATHER_INFO
2017-12-26Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL34125394.nasl - Type : ACT_GATHER_INFO
2017-12-26Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL83043359.nasl - Type : ACT_GATHER_INFO
2017-12-07Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_2.nasl - Type : ACT_GATHER_INFO