CVE-2004-2343

EPSS 0.17%
Published 31.12.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Apache ≫ HTTP Server Version <= 2.0.47

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.17%	0.383

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://archives.neohapsis.com/archives/bugtraq/2004-02/0043.html

Vendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2004-02/0064.html

http://archives.neohapsis.com/archives/bugtraq/2004-02/0120.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/15015

https://nvd.nist.gov/vuln/detail/CVE-2004-2343

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-2343

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-2343

EUVD