Published: 26/07/2018 Updated: 12/02/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 6.5 | Impact Score: 2.5 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux 6.9
apache http server 2.2.15-60

Synopsis Moderate: httpd security update Type/Severity Security Advisory: Moderate Topic An update for httpd is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which ...

Hash (#) character matches all IPs:A regression was found in httpd, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly A web administrator could unintentionally allow any client to access a restricted HTTP resource (CVE-2017-12171) ...

A regression was found in the Red Hat Enterprise Linux 69 version of httpd, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly A web administrator could unintentionally allow any client to access a restricted HTTP resource ...

CWE-284 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12171 https://access.redhat.com/errata/RHSA-2017:2972 http://www.securitytracker.com/id/1039633 http://www.securityfocus.com/bid/101516 https://access.redhat.com/errata/RHSA-2017:2972 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2017-921.html

CVE-2017-12171

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect