Vulnerability Name: CVE-2021-33193 (CCN-207923)

Assigned: 2021-05-27
Published: 2021-05-27
Updated: 2023-03-03
Summary: A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): High
Availability (A): None
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): High
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single Instance
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-476
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2021-33193

Source: XF
Type: UNKNOWN
apache-cve202133193-request-splitting(207923)

Source: CCN
Type: Apache GIT Repository
HTTP/2

Source: security@apache.org
Type: Patch, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Mailing List, Patch, Vendor Advisory
security@apache.org

Source: security@apache.org
Type: Mailing List, Patch, Vendor Advisory
security@apache.org

Source: security@apache.org
Type: UNKNOWN
security@apache.org

Source: security@apache.org
Type: Mailing List, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Mailing List, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Exploit, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Third Party Advisory
security@apache.org

Source: CCN
Type: Cisco Security Advisory cisco-sa-apache-httpd-2.4.49-VWL69sWQ
Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021

Source: security@apache.org
Type: Third Party Advisory
security@apache.org

Source: CCN
Type: IBM Security Bulletin 6492615 (i)
Multiple vulnerabilities in Apache HTTP Server affect IBM i

Source: CCN
Type: IBM Security Bulletin 6541322 (Rational Build Forge)
IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-33193)

Source: CCN
Type: IBM Security Bulletin 6618941 (Aspera Faspex)
IBM Aspera Faspex 4.4.2 has addressed multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6840311 (Power HMC)
Vulnerabilities in Apache HTTP (CVE-2021-33193 and CVE-2021-44224) affects Power HMC

Source: CCN
Type: IBM Security Bulletin 6952493 (Aspera Orchestrator)
IBM Aspera Orchestrator affected by HTTP request splitting attack due to Apache HTTP Server vulnerability (CVE-2021-33193)

Source: security@apache.org
Type: Patch, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Patch, Third Party Advisory
security@apache.org

Source: security@apache.org
Type: Third Party Advisory
security@apache.org

Vulnerable Configuration:
Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:apache:http_server:2.4.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.48:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:hardware_management_console:9.2.950.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:7988 | P | apache-commons-text-1.10.0-150200.5.5.4 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:8052 | P | perl-DNS-LDNS-1.7.0-150000.4.8.1 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:7434 | P | apache2-2.4.51-150400.6.11.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:7482 | P | dirmngr-2.2.27-150300.3.5.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:772 | P | Security update for oniguruma (Important) | 2022-09-21
oval:org.opensuse.security:def:95377 | P | Security update for tiff (Low) | 2022-08-03
oval:org.opensuse.security:def:3482 | P | emacs-24.3-25.3.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3673 | P | libsndfile1-1.0.25-36.16.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3463 | P | cups-1.7.5-20.23.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:2862 | P | apache2-2.4.51-150400.4.6 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94492 | P | apache2-2.4.51-150400.4.6 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94594 | P | ldb-tools-2.4.1-150400.2.5 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:95093 | P | apache2-devel-2.4.51-150400.4.6 on GA media (Moderate) | 2022-06-22
oval:com.redhat.rhsa:def:20221915 | P | RHSA-2022:1915: httpd:2.4 security and bug fix update (Moderate) | 2022-05-10
oval:org.opensuse.security:def:102090 | P | Security update for python-Twisted (Moderate) | 2022-04-29
oval:org.opensuse.security:def:100057 | P | (Moderate) | 2022-03-30
oval:org.opensuse.security:def:98958 | P | Security update for conmon, libcontainers-common, libseccomp, podman (Moderate) | 2022-03-04
oval:org.opensuse.security:def:6166 | P | Security update for wpa_supplicant (Important) | 2022-03-01
oval:org.opensuse.security:def:99746 | P | (Critical) | 2022-02-11
oval:org.opensuse.security:def:99153 | P | (Important) | 2021-10-25
oval:org.opensuse.security:def:8660 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:70488 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:106723 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:9598 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:92597 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:69738 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:106038 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:8847 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:92008 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:9797 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:99348 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:92796 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:69937 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:106237 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:9042 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:92203 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:105648 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:10161 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:99547 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:70301 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:106436 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:9407 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:92398 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:69547 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:105843 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:10348 | P | Security update for apache2 (Important) | 2021-10-12
oval:org.opensuse.security:def:111047 | P | Security update for apache2 (Important) | 2021-09-07
oval:org.opensuse.security:def:68571 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:101503 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:76323 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:102759 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:64762 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:99991 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:73693 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:96069 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:107973 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:69077 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:102061 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:111705 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:99141 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:117487 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:1481 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:66918 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:100327 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:73884 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:101307 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:5829 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:108756 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:69141 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:102205 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:99413 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:118521 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:1629 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:67255 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:100656 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:75986 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:109425 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:64571 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:99676 | P | (Important) | 2021-09-03
oval:org.opensuse.security:def:5103 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:26116 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:58817 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:32994 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:87458 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:60350 | P | Security update for apache2 (Important) | 2021-09-02
oval:org.opensuse.security:def:34527 | P | Security update for apache2 (Important) | 2021-09-02
Affected Products:
  • apache http server 2.4.17
  • apache http server 2.4.48
  • ibm rational build forge 8.0
  • ibm i 7.2
  • ibm i 7.3
  • ibm i 7.4
  • ibm hardware management console 9.2.950.0
  • ibm aspera faspex 4.4.1