5
CVE-2013-2178
- EPSS 0.83%
- Published 28.08.2013 23:55:10
- Last modified 11.04.2025 00:51:21
- Source secalert@redhat.com
- CVE-Watchlists
- Open
LoginThe apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.
Data is provided by the National Vulnerability Database (NVD)
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.83% | 0.723 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.