JVNDB-2019-016322
|
Apache HTTP Server �� mod_proxy_wstunnel �ɂ����� HTTP ���N�G�X�g�X�}�O�����O�Ɋւ���Ǝ㐫
|
Apache HTTP Server �� mod_proxy_wstunnel �ɂ́A�I���W���T�[�o�ɂ��A�b�v�O���[�h����Ȃ� URL ���ݒ肳�ꂽ�ہA�ڑ��S�̂��g���l�����O���Ă��邽�߁AHTTP ���N�G�X�g�X�}�O�����O�Ɋւ���Ǝ㐫�����݂��܂��B
|
CVSS v3 �ɂ��[���x ��{�l: 5.3 (�x��) [NVD�l]
- �U�����敪: �l�b�g���[�N
- �U�������̕��G��: ��
- �U���ɕK�v�ȓ������x��: �s�v
- ���p�҂̊֗^: �s�v
- �e���̑z��͈�: �ύX�Ȃ�
- �@�����ւ̉e��(C): �Ȃ�
- ���S���ւ̉e��(I): ��
- �p���ւ̉e��(A): �Ȃ�
CVSS v2 �ɂ��[���x ��{�l: 5.0 (�x��) [NVD�l]
- �U�����敪: �l�b�g���[�N
- �U�������̕��G��: ��
- �U���O�̔F�ؗv��: �s�v
- �@�����ւ̉e��(C): �Ȃ�
- ���S���ւ̉e��(I): �����I
- �p���ւ̉e��(A): �Ȃ�
|
|
Apache Software Foundation
- Apache HTTP Server 2.4.6 ���� 2.4.46
Debian
Fedora Project
�I���N��
- Instantis EnterpriseTrack
- Oracle Enterprise Manager Ops Center
- ZFS Storage Appliance Kit
����
- Cosminexus HTTP Server
- uCosminexus Application Server
- uCosminexus Application Server(64)
- uCosminexus Application Server-R
- uCosminexus Developer
- uCosminexus Primary Server Base
- uCosminexus Primary Server Base(64)
- uCosminexus Service Architect
- uCosminexus Service Platform
- uCosminexus Service Platform(64)
|
�{�Ǝ㐫�̉e�����鐻�i�̏ڍׂɂ��ẮA�x���_���юQ�l�������m�F���������B
|
HTTP �̌��A�܂��͔F�A�F�̐ݒ�Ȃ��Ƀ��N�G�X�g��ʉ߂����\��������܂��B
|
�x���_��萳���ȑ��J����Ă��܂��B�x���_�����Q�Ƃ��ēK�ȑ�����{���Ă��������B
|
Apache Software Foundation
Debian
Fedora Project
�I���N��
����
|
- HTTP ���N�G�X�g�X�}�O�����O(CWE-444) [NVD�]��]
|
- CVE-2019-17567
|
- JVN : JVNVU#96037838
- National Vulnerability Database (NVD) : CVE-2019-17567
- �֘A���� : CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections
|
- [2022�N02��24��]
�f��
- [2022�N03��14��]
�e������V�X�e���F�x���_���̒lj��ɔ������e���X�V
�x���_���F���� (hitachi-sec-2022-110) ��lj�
|