Vulnerability Name: | CVE-2022-28615 (CCN-228340) |
Assigned: | 2022-06-08 |
Published: | 2022-06-08 |
Updated: | 2022-08-24 |
Summary: | Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected. |
CVSS v3 Severity: | 9.1 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) 7.9 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): High Integrity (I): None Availibility (A): High | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) 5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): Low | 7.4 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H) 6.4 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): High Integrity (I): None Availibility (A): High |
|
CVSS v2 Severity: | 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial | 6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial |
|
Vulnerability Type: | CWE-190 CWE-125
|
Vulnerability Consequences: | Obtain Information |
References: | Source: MITRE Type: CNA CVE-2022-28615
Source: MLIST Type: Mailing List, Third Party Advisory [oss-security] 20220608 CVE-2022-28615: Apache HTTP Server: Read beyond bounds in ap_strcmp_match()
Source: XF Type: UNKNOWN apache-http-cve202228615-info-disc(228340)
Source: CCN Type: Apache Web site Read beyond bounds in ap_strcmp_match()
Source: MISC Type: Vendor Advisory https://httpd.apache.org/security/vulnerabilities_24.html
Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-b54a8dee29
Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-e620fb15d5
Source: CCN Type: oss-sec Mailing List, Wed, 08 Jun 2022 09:43:54 +0000 CVE-2022-28615: Apache HTTP Server: Read beyond bounds in ap_strcmp_match()
Source: GENTOO Type: Third Party Advisory GLSA-202208-20
Source: CONFIRM Type: Third Party Advisory https://security.netapp.com/advisory/ntap-20220624-0005/
Source: CCN Type: IBM Security Bulletin 6595149 (HTTP Server) Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server
Source: CCN Type: IBM Security Bulletin 6607876 (i) IBM HTTP Server (powered by Apache) for IBM i is vulnerable to bypass security restrictions and obtain sensitive information due to multiple vulnerabilities.
Source: CCN Type: IBM Security Bulletin 6607888 (Tivoli Monitoring) Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server
Source: CCN Type: IBM Security Bulletin 6610841 (Security SiteProtector System) IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities
Source: CCN Type: IBM Security Bulletin 6837599 (App Connect Enterprise Certified Container) IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28615
Source: CCN Type: IBM Security Bulletin 6952319 (Aspera Faspex) IBM Aspera Faspex 4.4.2 PL2 has addressed multiple vulnerabilities (CVE-2022-28330, CVE-2023-22868, CVE-2022-30556, CVE-2022-31813, CVE-2022-30522, CVE-2022-47986, CVE-2022-28615, CVE-2022-26377, CVE-2018-25032, CVE-2022-2068)
Source: CCN Type: IBM Security Bulletin 6952371 (Aspera Orchestrator) IBM Aspera Orchestrator affected by vulnerability (CVE-2022-28615)
|
Vulnerable Configuration: | Configuration 1: cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version <= 2.4.53) Configuration 2: cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:* Configuration 3: cpe:/a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:* Configuration RedHat 2: cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:* Configuration RedHat 3: cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:* Configuration RedHat 4: cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:* Configuration CCN 1: cpe:/a:apache:http_server:2.4.18:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.20:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.23:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.29:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.25:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.26:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.27:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.28:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.38:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.39:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.41:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.43:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.46:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.48:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.49:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.50:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.51:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.52:*:*:*:*:*:*:*OR cpe:/a:apache:http_server:2.4.53:*:*:*:*:*:*:*AND cpe:/a:ibm:http_server:7.0:*:*:*:*:*:*:*OR cpe:/a:ibm:http_server:8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:http_server:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_siteprotector_system:3.1.1:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*OR cpe:/o:ibm:i:7.5:*:*:*:*:*:*:*OR cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
apache http server *
fedoraproject fedora 35
fedoraproject fedora 36
netapp clustered data ontap -
apache http server 2.4.18
apache http server 2.4.20
apache http server 2.4.23
apache http server 2.4.29
apache http server 2.4.33
apache http server 2.4.25
apache http server 2.4.26
apache http server 2.4.27
apache http server 2.4.28
apache http server 2.4.34
apache http server 2.4.35
apache http server 2.4.37
apache http server 2.4.38
apache http server 2.4.39
apache http server 2.4.41
apache http server 2.4.43
apache http server 2.4.46
apache http server 2.4.48
apache http server 2.4.49
apache http server 2.4.50
apache http server 2.4.51
apache http server 2.4.52
apache http server 2.4.53
ibm http server 7.0
ibm http server 8.0
ibm http server 8.5
ibm tivoli monitoring 6.3.0
ibm i 7.2
ibm security siteprotector system 3.1.1
ibm i 7.3
ibm i 7.4
ibm i 7.5
ibm aspera faspex 4.4.1
ibm app connect enterprise certified container 4.1
ibm app connect enterprise certified container 4.2
ibm app connect enterprise certified container 5.0
ibm app connect enterprise certified container 5.1
ibm app connect enterprise certified container 5.2
ibm app connect enterprise certified container 6.0