CVE-2019-0211
Last modified
CVE-2019-0211 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. CISA has confirmed active exploitation in the wild. EPSS estimates a 65.00% chance of exploitation in the next 30 days.
Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation Status
This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by .
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | >= 2.4.17, <= 2.4.38 |
| Fedoraproject | Fedora | 28 |
| Fedoraproject | Fedora | 29 |
| Fedoraproject | Fedora | 30 |
| Canonical | Ubuntu Linux | 14.04 |
| Canonical | Ubuntu Linux | 16.04 |
| Canonical | Ubuntu Linux | 18.04 |
| Canonical | Ubuntu Linux | 18.10 |
| Debian | Debian Linux | 9.0 |
| Opensuse | Leap | 15.0 |
| Opensuse | Leap | 42.3 |
| Netapp | Oncommand Unified Manager | All versions |
| Redhat | Jboss Core Services | 1.0 |
| Redhat | Openshift Container Platform | 3.11 |
| Redhat | Openshift Container Platform For Power | 3.11_ppc64le |
| Redhat | Software Collections | 1.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Eus | 8.1 |
| Redhat | Enterprise Linux Eus | 8.2 |
| Redhat | Enterprise Linux Eus | 8.4 |
| Redhat | Enterprise Linux Eus | 8.6 |
| Redhat | Enterprise Linux Eus | 8.8 |
| Redhat | Enterprise Linux For Arm 64 | 8.0_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.1_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.2_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.4_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.6_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.8_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.1_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.2_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.4_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.6_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.8_s390x |
| Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.1_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.2_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.4_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.6_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.8_ppc64le |
| Redhat | Enterprise Linux Server Aus | 8.2 |
| Redhat | Enterprise Linux Server Aus | 8.4 |
| Redhat | Enterprise Linux Server Aus | 8.6 |
| Redhat | Enterprise Linux Server Tus | 8.2 |
| Redhat | Enterprise Linux Server Tus | 8.4 |
| Redhat | Enterprise Linux Server Tus | 8.6 |
| Redhat | Enterprise Linux Server Tus | 8.8 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.0 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.1 |
| Redhat | Enterprise Linux Update Services For Sap Solutions | 8.4 |
Showing 50 of 68 affected configurations. See NVD for the full list.
References
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html (Broken Link, Mailing List, Release Notes, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html (Broken Link, Mailing List, Release Notes, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html (Broken Link, Third Party Advisory)
- http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html (Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html (Exploit, Third Party Advisory, VDB Entry)
- http://www.apache.org/dist/httpd/CHANGES_2.4.39 (Broken Link, Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2019/04/02/3 (Mailing List, Third Party Advisory)
- http://www.securityfocus.com/bid/107666 (Broken Link, Third Party Advisory, VDB Entry)
- https://access.redhat.com/errata/RHBA-2019:0959 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:0746 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:0980 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1296 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1297 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1543 (Third Party Advisory)
- https://httpd.apache.org/security/vulnerabilities_24.html (Vendor Advisory)
- https://seclists.org/bugtraq/2019/Apr/16 (Mailing List, Patch, Third Party Advisory)
- https://seclists.org/bugtraq/2019/Apr/5 (Mailing List, Third Party Advisory)
- https://security.gentoo.org/glsa/201904-20 (Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20190423-0001/ (Third Party Advisory)
- https://support.f5.com/csp/article/K32957101 (Third Party Advisory)
- https://usn.ubuntu.com/3937-1/ (Third Party Advisory)
- https://www.debian.org/security/2019/dsa-4422 (Mailing List, Third Party Advisory)
- https://www.exploit-db.com/exploits/46676/ (Exploit, Third Party Advisory, VDB Entry)
- https://www.oracle.com/security-alerts/cpuapr2020.html (Patch, Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (Patch, Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html (Patch, Third Party Advisory)
- https://www.synology.com/security/advisory/Synology_SA_19_14 (Third Party Advisory)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0211 (US Government Resource)
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2019-0211?
How severe is CVE-2019-0211?
How do I fix CVE-2019-0211?
Are you affected by CVE-2019-0211?
Source: NVD / NIST
