#VU8907 Improper access control in Red Hat Enterprise Linux for x86_64 - CVE-2017-12171

Cybersecurity Help s.r.o.

Published: 2017-10-20

Vulnerability identifier: #VU8907

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-12171

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Red Hat Enterprise Linux for x86_64
Operating systems & Components / Operating system

Vendor: Red Hat Inc.

Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists in Apache HTTPD on Red Hat Enterprise Linux due to improper parsing of comments in the "Allow" and "Deny" configuration lines. A remote attacker can bypass security restrictions and access an ostensibly restricted HTTP resource.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for x86_64: 6.9

External links
https://access.redhat.com/security/cve/CVE-2017-12171

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)

Amazon Linux AMI update for httpd

Security restrictions bypass in Red Hat Enterprise Linux

Red Hat update for httpd