CVE-2020-13938

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 10-06-2021 09:15

Last modified: - 15-04-2022 05:15

Total changes: - 6

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

5.5

Base score

1.8

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=apache AND product=http_server AND versionEndIncluding=2.4.46 AND versionStartIncluding=2.4.0

vendor=microsoft AND product=windows AND version=-

vendor=mcafee AND product=epolicy_orchestrator AND versionEndExcluding=5.10.0

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=-

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_1

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_10

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_11

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_12

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_2

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_3

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_4

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_5

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_6

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_7

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_8

vendor=mcafee AND product=epolicy_orchestrator AND version=5.10.0 AND update=update_9

vendor=netapp AND product=cloud_backup AND version=-

Reference

N/A-Release Notes, Vendor Advisory
N/A-Mailing List, Release Notes, Vendor Advisory
[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json-Mailing List, Vendor Advisory
[httpd-announce] 20210609 CVE-2020-13938: Improper Handling of Insufficient Privileges-Mailing List, Vendor Advisory
[oss-security] 20210609 CVE-2020-13938: Apache httpd: Improper Handling of Insufficient Privileges-Mailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20210702-0001/
https://kc.mcafee.com/corporate/index?page=content&id=SB10379

Keywords

CVE-2020-13938

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2020-13938

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures