CVE-2015-3185

Description

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.

CVSS Metrics

• v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 6.37%• Percentile: 91%

Techniques & Countermeasures

• CWE-264•Permissions, Privileges, and Access Controls

  Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Affected Systems

• Unknown•HTTP Server

  2.4.0 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.4 | 2.4.6 | 2.4.7 | 2.4.8 | 2.4.9 | 2.4.10 | 2.4.12 | 2.4.13

• apple•mac_os_x

  10.10.4

• apple•mac_os_x_server

  5.0.3

• apple•xcode

  7.0

• canonical•ubuntu_linux

  12.04 | 14.04 | 15.04

References (35)

• http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html
• http://httpd.apache.org/security/vulnerabilities_24.html
• https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708
• http://rhn.redhat.com/errata/RHSA-2015-1667.html
• https://support.apple.com/HT205217
• http://www.apache.org/dist/httpd/CHANGES_2.4
• http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
• https://access.redhat.com/errata/RHSA-2017:2709
• http://rhn.redhat.com/errata/RHSA-2015-1666.html
• http://www.securitytracker.com/id/1032967
• http://www.ubuntu.com/usn/USN-2686-1
• http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
• http://www.securityfocus.com/bid/75965
• http://www.debian.org/security/2015/dsa-3325
• http://rhn.redhat.com/errata/RHSA-2016-2957.html
• https://support.apple.com/kb/HT205031
• https://access.redhat.com/errata/RHSA-2017:2710
• http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
• https://support.apple.com/HT205219
• https://access.redhat.com/errata/RHSA-2017:2708
• https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
• https://github.com/apache/httpd/commit/db81019ab88734ed35fa70294a0cfa7a19743f73
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E