Multiple vulnerabilities in Apache HTTP Server
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2021-31618 CVE-2021-30641 CVE-2020-35452 CVE-2021-26691 CVE-2021-26690 CVE-2020-13950 CVE-2020-13938 CVE-2019-17567 |
| CWE-ID | CWE-476 CWE-20 CWE-121 CWE-269 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Apache HTTP Server Server applications / Web servers |
| Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU53773
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-31618
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in mod_http2 in Apache HTTP server. A remote attacker can send specially crafted request to the server and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.47
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU53774
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-30641
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect parsing of Apache configuration files. An unexpected
Install updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU53775
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-35452
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing Digest nounces in mod_auth_digest. A remote unauthenticated attacker can send a specially crafted HTTP request, trigger stack overflow by one nul byte and crash the server.
Install updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU53776
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-26691
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in mod_session. A a malicious backend server or SessionHeader can trigger a denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) NULL pointer dereference
EUVDB-ID: #VU53777
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-26690
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in mod_session. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) NULL pointer dereference
EUVDB-ID: #VU53778
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-13950
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in mod_proxy_http. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Privilege Management
EUVDB-ID: #VU53779
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-13938
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to stop the service.
The vulnerability exists due to improper privilege management. A local user can on the Windows system can stop the Apache HTTP server service.
Install updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Security restrictions bypass
EUVDB-ID: #VU53780
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-17567
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to unspecified error within the mod_proxy_wstunnel and mod_proxy_http modules. If mod_proxy_wstunnel is configured on an URL that is not necessarily Upgraded by the origin server and is tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.
MitigationInstall updates from vendor's website.
Vulnerable software versionsApache HTTP Server: 2.4 - 2.4.46
CPE2.3- cpe:2.3:a:apache_foundation:apache_http_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:apache_http_server:2.4.0.0:*:*:*:*:*:*:*
https://downloads.apache.org/httpd/CHANGES_2.4.48
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
