Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2020-9490

Published: 07/08/2020 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Http Server

Vulnerability Summary

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE (CVE-2020-11984) Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. A flaw was found in Apache httpd in versions before 2.4.46. A specially crafted Cache-Digest header triggers negative argument to memmove() that could lead to a crash and denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-9490) Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. (CVE-2020-11993)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server

oracle instantis enterprisetrack 17.1

oracle instantis enterprisetrack 17.2

oracle instantis enterprisetrack 17.3

oracle hyperion infrastructure technology 11.1.2.4

oracle enterprise manager ops center 12.4.0.0

oracle communications session route manager

oracle communications session report manager

oracle communications element manager

oracle zfs storage appliance kit 8.8

opensuse leap 15.1

opensuse leap 15.2

debian debian linux 10.0

fedoraproject fedora 31

fedoraproject fedora 32

canonical ubuntu linux 18.04

canonical ubuntu linux 20.04

canonical ubuntu linux 16.04

redhat software_collections 1.0

redhat enterprise linux 8.0

redhat enterprise linux eus 8.1

redhat enterprise linux eus 8.2

redhat enterprise linux server tus 8.2

redhat enterprise linux server aus 8.2

redhat openstack 16.1

redhat enterprise linux server tus 8.4

redhat enterprise linux eus 8.4

redhat enterprise linux server aus 8.4

redhat enterprise linux server update services for sap solutions 8.2

redhat enterprise linux server update services for sap solutions 8.4

redhat enterprise linux server update services for sap solutions 8.1

redhat enterprise linux for power little endian eus 8.2

redhat enterprise linux for ibm z systems eus 8.2

redhat enterprise linux for ibm z systems eus 8.1

redhat enterprise linux for power little endian eus 8.1

redhat enterprise linux for power little endian 8.0

redhat enterprise linux for ibm z systems eus 8.4

redhat enterprise linux for ibm z systems 8.0

redhat enterprise linux for power little endian eus 8.4

redhat enterprise linux server for power little endian update services for sap solutions 8.1

redhat enterprise linux server for power little endian update services for sap solutions 8.2

redhat enterprise linux server for power little endian update services for sap solutions 8.4

redhat enterprise linux server for power little endian update services for sap solutions 8.6

redhat enterprise linux server update services for sap solutions 8.6

redhat enterprise linux for ibm z systems eus 8.6

redhat enterprise linux server aus 8.6

redhat enterprise linux server tus 8.6

redhat enterprise linux eus 8.6

redhat enterprise linux for power little endian eus 8.6

redhat openstack for ibm power 16.1

Vendor Advisories

Red Hat: Important: httpd:2.4 security update
Synopsis Important: httpd:24 security update Type/Severity Security Advisory: Important Topic An update for the httpd:24 module is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Red Hat: Important: httpd:2.4 security update
Synopsis Important: httpd:24 security update Type/Severity Security Advisory: Important Topic An update for the httpd:24 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
Red Hat: Important: httpd:2.4 security update
Synopsis Important: httpd:24 security update Type/Severity Security Advisory: Important Topic An update for the httpd:24 module is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Com ...
Red Hat: Important: httpd24-httpd security update
Synopsis Important: httpd24-httpd security update Type/Severity Security Advisory: Important Topic An update for httpd24-httpd is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Debian Security Advisories: DSA-4757-1 apache2 -- security update
Several vulnerabilities have been found in the Apache HTTPD server CVE-2020-1927 Fabrice Perez reported that certain mod_rewrite configurations are prone to an open redirect CVE-2020-1934 Chamal De Silva discovered that the mod_proxy_ftp module uses uninitialized memory when proxying to a malicious FTP backend CVE-2020-9490 ...
Amazon Linux AMI: ALAS-2020-1418
Apache HTTP server 2432 to 2444 mod_proxy_uwsgi info disclosure and possible RCE (CVE-2020-11984) Apache HTTP Server versions 2420 to 2443 A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards Configuring the HTTP/2 feature vi ...
Amazon Linux 2: ALAS2-2020-1493
Apache HTTP Server versions 2420 to 2443 A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers A flaw was found in Apache http ...
Amazon Linux 2: ALAS2-2020-1490
Apache HTTP server 2432 to 2444 mod_proxy_uwsgi info disclosure and possible RCE A flaw was found in Apache httpd in versions 2432 to 2446 The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service The highest threat from this vulnerability is to data confidentiality and integri ...
Check Point Security Alerts: Apache HTTP Server Request Smuggling (CVE-2020-9490)
Check Point Reference: CPAI-2020-4091 Date Published: 26 Feb 2024 Severity: High ...

Github Repositories

https://github.com/hound672/BlackBox-CI-CD-script

blackbox-scan This tool is a command-line client for the BlackBox API, that can help to integrate Dynamic Application Security Testing (DAST) into a CI/CD pipeline Requirements Python version 362 or above is required to run the tool The use of virtualenv is recommended To install required Python packages, run: pip install -r requirementstxt

Recent Articles

QNAP caught napping as disclosure delay expires, critical NAS bugs revealed
The Register • Thomas Claburn in San Francisco • 02 Apr 2021

Remote code execution hole, arbitrary file writing flaw could make a mess of stored files Data-stealing, password-harvesting, backdoor-opening QNAP NAS malware cruises along at 62,000 infections

Updated Some QNAP network attached storage devices are vulnerable to attack because of two critical vulnerabilities, one that enables unauthenticated remote code execution and another that provides the ability to write to arbitrary files. The vulnerabilities were made known to the Taiwan-based company on October 12, 2020, and on November 29, 2020, by SAM Seamless Network, a connected home security firm. They were found in the QNAP TS-231's latest firmware, version 4.3.6.1446, which SAM claims wa...

Read more...

References

CWE-444https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490https://security.gentoo.org/glsa/202008-04https://security.netapp.com/advisory/ntap-20200814-0005/https://usn.ubuntu.com/4458-1/http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.htmlhttps://www.debian.org/security/2020/dsa-4757https://www.oracle.com/security-alerts/cpuoct2020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.htmlhttp://packetstormsecurity.com/files/160392/Apache-2.4.43-mod_http2-Memory-Corruption.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3Ehttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r97d0faab6ed8fd0d439234b16d05d77b22a07b0c4817e7b3cca419cc%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/ra4da876037477c06f2677d7a1e10b5a8613000fca99c813958070fe9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9e485ce5a01c9dc3d4d785a7d28aa7400ead1e81884034ff1f03cfee%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r0b6541c5fb2f8fb383861333400add7def625bc993300300de0b4f8d%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfed9fea918e090383da33e393eb6c2755fccf05032bd7d6eb4737c9e%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3Ehttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:3726https://www.debian.org/security/2020/dsa-4757https://alas.aws.amazon.com/ALAS-2020-1418.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook