CVE-2016-4975

Published Aug 14, 2018

Last updated a year ago

CVSS medium 6.1

Overview

Description: Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).
Source: security@apache.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-93

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67AD11FB-529C-404E-A13B-284F145322B8"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCBBB7FE-35FC-4515-8393-5145339FCE4D"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F519633F-AB68-495A-B85E-FD41F9F752CA"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A894BED6-C97D-4DA4-A13D-9CB2B3306BC5"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34A847D1-5AD5-4EFD-B165-7602AFC1E656"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AF3A0F5-4E5C-4278-9927-1F94F25CCAFC"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB63EBE5-CF14-491E-ABA5-67116DFE3E5B"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C2A33DE-F55F-4FD8-BB00-9C1E006CA65C"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CF6394-95D9-42AF-A442-385EFF9CEFE1"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02B629FB-88C8-4E85-A137-28770F1E524E"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03550EF0-DF89-42FE-BF0E-994514EBD947"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4886CCAB-6D4E-45C7-B177-2E8DBEA15531"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C35631AC-7C35-4F6A-A95A-3B080E5210ED"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CED2BA6-BE5E-4EF1-88EB-0DADD23D2EEF"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A71F4154-AD20-4EEA-9E2E-D3385C357DA5"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0B8C9DB-401E-42B3-BAED-D09A96DE9A90"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "062C20A0-05A0-4164-8330-DF6ADFE607F4"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D345BA35-93BB-406F-B5DC-86E49FB29C22"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ED4892F-C829-4BEA-AB82-6A78F6F2426D"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00128AAD-E746-4DCD-8676-1381E5232220"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE0D7ABB-DE11-40D6-8AAF-C626DD7E3914"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5252544F-7BDD-42EE-856E-B351B4B6D381"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58375DE5-F7EC-400D-84A2-CD70B72C4F63"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15233815-C037-41BB-A447-A078F83A93F6"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5444C583-CF83-4ECD-8DF8-66D8C1FCF096"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C306D07-9DF3-4AD1-9984-ECA094D0F50E"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "513A1C46-80FF-489C-AD31-F8F790C6D6C9"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FCD3C8C-9BF8-4F30-981A-593EEAEB9EDD"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "046487A3-752B-4D0F-8984-96486B828EAB"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89D2E052-51CD-4B57-A8B8-FAE51988D654"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAA27058-BACF-4F94-8E3C-7D38EC302EC1"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FEAB0DF-04A9-4F99-8666-0BADC5D642B8"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7D924D1-8A36-4C43-9E56-52814F9A6350"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39CDFECC-E26D-47E0-976F-6629040B3764"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3ECBCB1-0675-41F5-857B-438F36925F63"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB6CBFBF-74F6-42AF-BC79-AA53EA75F00B"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8717A96B-9DB5-48D6-A2CF-A5E2B26AF3F3"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1F45B27-504B-4202-87B8-BD3B094003F1"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2FB2B98-DFD2-420A-8A7F-9B288651242F"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B803D25B-0A19-4569-BA05-09D58F33917C"
          },
          {
            "criteria": "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8510442C-212F-4013-85FA-E0AB59F6F2C6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References