5.3
CVSSv3

CVE-2018-1283

Published: 26/03/2018 Updated: 24/08/2020
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server

debian debian linux 8.0

debian debian linux 9.0

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 17.10

canonical ubuntu linux 18.04

netapp santricity cloud connector -

netapp storage automation store -

netapp storagegrid -

netapp clustered data ontap -

redhat enterprise linux 6.0

redhat enterprise linux 7.0

redhat enterprise linux 7.4

redhat enterprise linux 7.5

redhat enterprise linux 7.6

Vendor Advisories

Synopsis Moderate: httpd security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for httpd is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
It has been discovered that the mod_session module of Apache HTTP Server (httpd), through version 2429, has an improper input validation flaw in the way it handles HTTP session headers in some configurations A remote attacker may influence their content by using a "Session" header ...
In Apache httpd 220 before 2430, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is als ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Important Topic An update is now available for JBoss Core Services on RHEL 6 and RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common ...
Several security issues were fixed in the Apache HTTP Server ...
Several security issues were fixed in the Apache HTTP Server ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2429 SP1 security update Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services Pack Apache Server 2429 Service Pack 1 packages for Microsoft Windows and Oracle Solaris are now availableRed Hat Product Security has ...
Several vulnerabilities have been found in the Apache HTTPD server CVE-2017-15710 Alex Nichols and Jakob Hirsch reported that mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, could cause an out of bound write if supplied with a crafted Accept-Language header This could potentially be used for a Denial of Service attack ...
Summary Apache HTTP Server (httpd) mod_session module has an improper input validation flaw in the way it handles HTTP session headers in some configurations A remote attacker may influence their content by using a "Session" header When mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a ...
Arch Linux Security Advisory ASA-201804-4 ========================================= Severity: Medium Date : 2018-04-04 CVE-ID : CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 Package : apache Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-664 ...
Synopsis Moderate: httpd24 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of ...
Use-after-free on HTTP/2 stream shutdownWhen an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2430 could have written a NULL pointer potentially to an already freed memory The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team ...
Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities A remote attacker can obtain sensitive information, bypass intended security restrictions, modify session information in CGI applications, replay authenticated HTTP requests, and cause denial of service ...
Oracle Solaris Third Party Bulletin - April 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical ...
Tenablesc leverages third-party software to help provide underlying functionality Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bun ...