Privilege Escalation Vulnerability in Apache HTTP Server 2.4

Privilege Escalation Vulnerability in Apache HTTP Server 2.4

CVE-2019-0211 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Learn more about our Cis Benchmark Audit For Apache Http Server.