Executive Summary

Informations
NameCVE-2019-0217First vendor Publication2019-04-08
VendorCveLast vendor Modification2019-05-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Cvss Base Score6Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score6.8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

CWE : Common Weakness Enumeration

%idName
100 %CWE-362Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application250
Os5
Os2
Os2
Os2
Os1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/107668
BUGTRAQ https://seclists.org/bugtraq/2019/Apr/5
CONFIRM https://security.netapp.com/advisory/ntap-20190423-0001/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr...
DEBIAN https://www.debian.org/security/2019/dsa-4422
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1695020
https://httpd.apache.org/security/vulnerabilities_24.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
MLIST http://www.openwall.com/lists/oss-security/2019/04/02/5
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e8029...
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277...
https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037...
https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html
REDHAT https://access.redhat.com/errata/RHSA-2019:2343
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html
UBUNTU https://usn.ubuntu.com/3937-1/
https://usn.ubuntu.com/3937-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
DateInformations
2019-08-23 12:07:43
  • Multiple Updates
2019-08-16 12:06:56
  • Multiple Updates
2019-08-07 12:10:21
  • Multiple Updates
2019-07-24 12:04:59
  • Multiple Updates
2019-05-14 09:18:40
  • Multiple Updates
2019-04-25 00:19:03
  • Multiple Updates
2019-04-24 05:18:59
  • Multiple Updates
2019-04-23 13:19:14
  • Multiple Updates
2019-04-16 21:19:09
  • Multiple Updates
2019-04-11 21:19:29
  • Multiple Updates
2019-04-10 21:19:25
  • Multiple Updates
2019-04-09 05:19:04
  • First insertion