CVE-2004-2343

EPSS 0.17%
Veröffentlicht 31.12.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ HTTP Server Version <= 2.0.47

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.17%	0.383

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html

Vendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html

http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/15015

https://nvd.nist.gov/vuln/detail/CVE-2004-2343

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-2343

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-2343

EUVD