CVE-2017-12171
Description
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the Allow and Deny configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
1.543
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2017:2972) httpd security update httpd-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-devel-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-devel-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-manual-2.2.15-60.el6_9.6.noarch.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-tools-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-tools-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update mod_ssl-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update mod_ssl-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| CVE-2017-12171 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234