CVE-2019-10092

Description

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.

Related CPE's

aapachehttp_server********

oopensuseleap15.0*******

oopensuseleap15.1*******

odebiandebian_linux8.0*******

odebiandebian_linux9.0*******

odebiandebian_linux10.0*******

aredhatsoftware_collection1.0*******

ofedoraprojectfedora30*******

ocanonicalubuntu_linux16.04***lts***

ocanonicalubuntu_linux18.04***lts***

References

https://httpd.apache.org/security/vulnerabilities_24.html

Vendor Advisory

[debian-lts-announce] 20190930 [SECURITY] [DLA 1900-2] apache2 regression update

Mailing ListThird Party Advisory

20191016 [SECURITY] [DSA 4509-3] apache2 security update

Mailing ListThird Party Advisory

N/A

PatchThird Party Advisory

RHSA-2019:4126

Third Party Advisory

https://www.oracle.com/security-alerts/cpujan2020.html

PatchThird Party Advisory

[httpd-users] 20200202 Re: [users@httpd] Small difference on error messages

Mailing ListVendor Advisory

[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Mailing ListVendor Advisory

[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Mailing ListVendor Advisory

N/A

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpujul2020.html

PatchThird Party Advisory

[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Mailing ListVendor Advisory

DSA-4509

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190905-0003/

Third Party Advisory

20190826 [SECURITY] [DSA 4509-1] apache2 security update

Mailing ListThird Party Advisory

[oss-security] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy

Mailing ListThird Party Advisory

openSUSE-SU-2019:2051

Mailing ListThird Party Advisory

GLSA-201909-04

Third Party Advisory

FEDORA-2019-099575a123

Mailing ListThird Party Advisory

[httpd-announce] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy

Mailing ListVendor Advisory

USN-4113-1

PatchThird Party Advisory

[debian-lts-announce] 20190828 [SECURITY] [DLA 1900-1] apache2 security update

Mailing ListThird Party Advisory

https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd

ExploitThird Party Advisory

https://support.f5.com/csp/article/K30442259

Third Party Advisory

[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow

Mailing List

[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow

Mailing List

[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Mailing ListThird Party Advisory

[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Mailing ListThird Party Advisory

[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Mailing ListThird Party Advisory

CvssV3 impact

Version

3.1

VectorString

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AttackVector

NETWORK

AttackComplexity

LOW

PrivilegesRequired

NONE

UserInteraction

REQUIRED

Scope

CHANGED

ConfidentialityImpact

LOW

IntegrityImpact

LOW

AvailabilityImpact

NONE

BaseScore

6.1

BaseSeverity

MEDIUM

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

4.300000190734863

Created by Yello
About Severity.io