CVE-2016-8612

Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
apachehttp_server
𝑥
< 2.4.23
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
netappstorage_automation_store
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.securityfocus.com/bid/94939
https://access.redhat.com/errata/RHSA-2017:0193
https://access.redhat.com/errata/RHSA-2017:0194
https://bugzilla.redhat.com/show_bug.cgi?id=1387605
https://security.netapp.com/advisory/ntap-20180601-0005/
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.securityfocus.com/bid/94939
https://access.redhat.com/errata/RHSA-2017:0193
https://access.redhat.com/errata/RHSA-2017:0194
https://bugzilla.redhat.com/show_bug.cgi?id=1387605
https://security.netapp.com/advisory/ntap-20180601-0005/