Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Required

Privileges Required

None

Attack Vector

Network

1

CVE-2019-10092

Disclosure Date: September 26, 2019 •

CVE-2019-10092 CVSS v3 Base Score: 6.1

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.1 Medium

Impact Score:

2.7

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Changed

Confidentiality (C):

Low

Integrity (I):

Low

Availability (A):

None

Vendors

apache,
canonical,
debian,
fedoraproject,
netapp,
opensuse,
oracle,
redhat

Products

clustered data ontap,
clustered data ontap 9.6,
communications element manager 8.0.0,
communications element manager 8.1.0,
communications element manager 8.1.1,
communications element manager 8.2.0,
debian linux 10.0,
debian linux 8.0,
debian linux 9.0,
enterprise manager ops center 12.3.3,
enterprise manager ops center 12.4.0,
fedora 30,
http server,
leap 15.0,
leap 15.1,
secure global desktop 5.4,
secure global desktop 5.5,
software collection 1.0,
ubuntu linux 16.04,
ubuntu linux 18.04,
ubuntu linux 19.04

References

Canonical

CVE-2019-10092 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092)

Advisory

[httpd-announce] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy (https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94@%3Cannounce.httpd.apache.org%3E)

[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E)

[oss-security] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy (http://www.openwall.com/lists/oss-security/2019/08/15/4)

FEDORA-2019-099575a123 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC)

DSA-4509 (https://www.debian.org/security/2019/dsa-4509)

20190826 [SECURITY] [DSA 4509-1] apache2 security update (https://seclists.org/bugtraq/2019/Aug/47)

[debian-lts-announce] 20190828 [SECURITY] [DLA 1900-1] apache2 security update (https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html)

USN-4113-1 (https://usn.ubuntu.com/4113-1)

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html

https://security.netapp.com/advisory/ntap-20190905-0003

GLSA-201909-04 (https://security.gentoo.org/glsa/201909-04)

https://support.f5.com/csp/article/K30442259

[debian-lts-announce] 20190930 [SECURITY] [DLA 1900-2] apache2 regression update (https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html)

20191016 [SECURITY] [DSA 4509-3] apache2 security update (https://seclists.org/bugtraq/2019/Oct/24)

https://access.redhat.com/errata/RHSA-2019:4126

[httpd-users] 20200202 Re: [users@httpd] Small difference on error messages (https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4@%3Cusers.httpd.apache.org%3E)

[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E)

https://httpd.apache.org/security/vulnerabilities_24.html

[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow (http://www.openwall.com/lists/oss-security/2020/08/08/1)

[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow (http://www.openwall.com/lists/oss-security/2020/08/08/9)

FEDORA-2019-099575a123 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/)

USN-4113-1 (https://usn.ubuntu.com/4113-1/)

https://security.netapp.com/advisory/ntap-20190905-0003/

[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ (https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/ (https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ (https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/ (https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ (https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ (https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E)

[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html (https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E)

Miscellaneous

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd

Rapid7

Technical Analysis