5.5
CVE-2020-13938
- EPSS 11.77%
- Veröffentlicht 10.06.2021 07:15:07
- Zuletzt bearbeitet 21.11.2024 05:02:11
- Quelle security@apache.org
- CVE-Watchlists
- Unerledigt
Improper Handling of Insufficient Privileges
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ HTTP Server Version >= 2.4.0 <= 2.4.46
Mcafee ≫ Epolicy Orchestrator Version < 5.10.0
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Update-
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_1
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_10
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_11
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_12
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_2
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_3
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_4
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_5
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_6
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_7
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_8
Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_9
Netapp ≫ Cloud Backup Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.77% | 0.955 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
http://httpd.apache.org/security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E
https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E
https://security.netapp.com/advisory/ntap-20210702-0001/
http://www.openwall.com/lists/oss-security/2021/06/10/3
https://kc.mcafee.com/corporate/index?page=content&id=SB10379
https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E