CVE-2018-11763 - In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can oc

CVE-2018-11763

Summary

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.

References

Vulnerable Configurations

cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 06-06-2021 - 11:15)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

advisories

rhsa
id RHSA-2018:3558
rhsa
id RHSA-2019:0366
rhsa
id RHSA-2019:0367

rpms

httpd24-curl-0:7.61.1-1.el6
httpd24-curl-0:7.61.1-1.el7
httpd24-curl-debuginfo-0:7.61.1-1.el6
httpd24-curl-debuginfo-0:7.61.1-1.el7
httpd24-httpd-0:2.4.34-7.el6
httpd24-httpd-0:2.4.34-7.el7
httpd24-httpd-debuginfo-0:2.4.34-7.el6
httpd24-httpd-debuginfo-0:2.4.34-7.el7
httpd24-httpd-devel-0:2.4.34-7.el6
httpd24-httpd-devel-0:2.4.34-7.el7
httpd24-httpd-manual-0:2.4.34-7.el6
httpd24-httpd-manual-0:2.4.34-7.el7
httpd24-httpd-tools-0:2.4.34-7.el6
httpd24-httpd-tools-0:2.4.34-7.el7
httpd24-libcurl-0:7.61.1-1.el6
httpd24-libcurl-0:7.61.1-1.el7
httpd24-libcurl-devel-0:7.61.1-1.el6
httpd24-libcurl-devel-0:7.61.1-1.el7
httpd24-libnghttp2-0:1.7.1-7.el6
httpd24-libnghttp2-0:1.7.1-7.el7
httpd24-libnghttp2-devel-0:1.7.1-7.el6
httpd24-libnghttp2-devel-0:1.7.1-7.el7
httpd24-mod_ldap-0:2.4.34-7.el6
httpd24-mod_ldap-0:2.4.34-7.el7
httpd24-mod_md-0:2.4.34-7.el7
httpd24-mod_proxy_html-1:2.4.34-7.el6
httpd24-mod_proxy_html-1:2.4.34-7.el7
httpd24-mod_session-0:2.4.34-7.el6
httpd24-mod_session-0:2.4.34-7.el7
httpd24-mod_ssl-1:2.4.34-7.el6
httpd24-mod_ssl-1:2.4.34-7.el7
httpd24-nghttp2-0:1.7.1-7.el6
httpd24-nghttp2-0:1.7.1-7.el7
httpd24-nghttp2-debuginfo-0:1.7.1-7.el6
httpd24-nghttp2-debuginfo-0:1.7.1-7.el7
jbcs-httpd24-0:1-6.jbcs.el6
jbcs-httpd24-0:1-6.jbcs.el7
jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-3.redhat_2.jbcs.el6
jbcs-httpd24-apache-commons-daemon-jsvc-1:1.1.0-3.redhat_2.jbcs.el7
jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-3.redhat_2.jbcs.el6
jbcs-httpd24-apache-commons-daemon-jsvc-debuginfo-1:1.1.0-3.redhat_2.jbcs.el7
jbcs-httpd24-apr-0:1.6.3-31.jbcs.el6
jbcs-httpd24-apr-0:1.6.3-31.jbcs.el7
jbcs-httpd24-apr-debuginfo-0:1.6.3-31.jbcs.el6
jbcs-httpd24-apr-debuginfo-0:1.6.3-31.jbcs.el7
jbcs-httpd24-apr-devel-0:1.6.3-31.jbcs.el6
jbcs-httpd24-apr-devel-0:1.6.3-31.jbcs.el7
jbcs-httpd24-apr-util-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-debuginfo-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-debuginfo-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-devel-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-devel-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-ldap-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-ldap-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-mysql-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-mysql-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-nss-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-nss-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-odbc-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-odbc-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-openssl-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-openssl-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-pgsql-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-pgsql-0:1.6.1-24.jbcs.el7
jbcs-httpd24-apr-util-sqlite-0:1.6.1-24.jbcs.el6
jbcs-httpd24-apr-util-sqlite-0:1.6.1-24.jbcs.el7
jbcs-httpd24-httpd-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-0:2.4.29-35.jbcs.el7
jbcs-httpd24-httpd-debuginfo-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-debuginfo-0:2.4.29-35.jbcs.el7
jbcs-httpd24-httpd-devel-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-devel-0:2.4.29-35.jbcs.el7
jbcs-httpd24-httpd-manual-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-manual-0:2.4.29-35.jbcs.el7
jbcs-httpd24-httpd-selinux-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-selinux-0:2.4.29-35.jbcs.el7
jbcs-httpd24-httpd-tools-0:2.4.29-35.jbcs.el6
jbcs-httpd24-httpd-tools-0:2.4.29-35.jbcs.el7
jbcs-httpd24-mod_cluster-native-0:1.3.8-3.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native-0:1.3.8-3.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-3.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-3.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_jk-ap24-0:1.2.46-1.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-ap24-0:1.2.46-1.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-1.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-1.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk-manual-0:1.2.46-1.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-manual-0:1.2.46-1.redhat_1.jbcs.el7
jbcs-httpd24-mod_ldap-0:2.4.29-35.jbcs.el6
jbcs-httpd24-mod_ldap-0:2.4.29-35.jbcs.el7
jbcs-httpd24-mod_proxy_html-1:2.4.29-35.jbcs.el6
jbcs-httpd24-mod_proxy_html-1:2.4.29-35.jbcs.el7
jbcs-httpd24-mod_session-0:2.4.29-35.jbcs.el6
jbcs-httpd24-mod_session-0:2.4.29-35.jbcs.el7
jbcs-httpd24-mod_ssl-1:2.4.29-35.jbcs.el6
jbcs-httpd24-mod_ssl-1:2.4.29-35.jbcs.el7
jbcs-httpd24-nghttp2-0:1.29.0-9.jbcs.el6
jbcs-httpd24-nghttp2-0:1.29.0-9.jbcs.el7
jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-9.jbcs.el6
jbcs-httpd24-nghttp2-debuginfo-0:1.29.0-9.jbcs.el7
jbcs-httpd24-nghttp2-devel-0:1.29.0-9.jbcs.el6
jbcs-httpd24-nghttp2-devel-0:1.29.0-9.jbcs.el7
jbcs-httpd24-openssl-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-openssl-debuginfo-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-debuginfo-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-openssl-devel-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-devel-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-openssl-libs-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-libs-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-openssl-perl-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-perl-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-openssl-static-1:1.0.2n-14.jbcs.el6
jbcs-httpd24-openssl-static-1:1.0.2n-14.jbcs.el7
jbcs-httpd24-runtime-0:1-6.jbcs.el6
jbcs-httpd24-runtime-0:1-6.jbcs.el7

refmap via4

bid	105414
confirm	https://httpd.apache.org/security/vulnerabilities_24.html https://security.netapp.com/advisory/ntap-20190204-0004/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2019-09
misc	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
mlist	[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
sectrack	1041713
suse	openSUSE-SU-2019:1547 openSUSE-SU-2019:1814
ubuntu	USN-3783-1

Last major update

06-06-2021 - 11:15

Published

25-09-2018 - 21:29

Last modified

06-06-2021 - 11:15