CVE-2014-0240 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.2 UNKNOWN	LOCAL	HIGH		AV:L/AC:H/Au:N/C:C/I:C/A:C
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 18%

Vendor	Product	Version
modwsgi	mod_wsgi	𝑥 ≤ 3.4
modwsgi	mod_wsgi	1.0
modwsgi	mod_wsgi	1.1
modwsgi	mod_wsgi	1.2
modwsgi	mod_wsgi	1.3
modwsgi	mod_wsgi	1.4
modwsgi	mod_wsgi	1.5
modwsgi	mod_wsgi	1.6
modwsgi	mod_wsgi	2.0
modwsgi	mod_wsgi	2.1
modwsgi	mod_wsgi	2.2
modwsgi	mod_wsgi	2.3
modwsgi	mod_wsgi	2.4
modwsgi	mod_wsgi	2.5
modwsgi	mod_wsgi	2.6
modwsgi	mod_wsgi	2.7
modwsgi	mod_wsgi	2.8
modwsgi	mod_wsgi	3.0
modwsgi	mod_wsgi	3.1
modwsgi	mod_wsgi	3.2
modwsgi	mod_wsgi	3.3

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

mod-wsgi

bullseye	4.7.1-3+deb11u1 fixed
bookworm	4.9.4-1 fixed
sid	5.0.0-1 fixed
trixie	5.0.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

mod-wsgi

trusty	Fixed 3.4-4ubuntu2.1.14.04.1 released
saucy	Fixed 3.4-4ubuntu2.1.13.10.1 released
precise	Fixed 3.3-4ubuntu0.1 released
lucid	ignored

Common Weakness Enumeration

CWE-264 -

References

http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html

http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html

http://rhn.redhat.com/errata/RHSA-2014-0789.html

http://secunia.com/advisories/59551

http://secunia.com/advisories/60094

http://www.openwall.com/lists/oss-security/2014/05/21/1

http://www.securityfocus.com/bid/67532

http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html

http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html

http://rhn.redhat.com/errata/RHSA-2014-0789.html

http://secunia.com/advisories/59551

http://secunia.com/advisories/60094

http://www.openwall.com/lists/oss-security/2014/05/21/1

http://www.securityfocus.com/bid/67532