Russian Vulnerability Scanner Database

Back to List

CVE-2021-26690

Scores

EPSS

0.704medium70.4%
0%20%40%60%80%100%

Percentile: 70.4%

CVSS

7.5high3.x
0246810

CVSS Score: 7.5/10

All CVSS Scores

CVSS 3.x
7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0
5.0

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

astradebiannvdredhatubuntu

CWEs

CWE-476

Related Vulnerabilities

BDU:2021-03681

Exploits

Exploit ID: CVE-2021-26690

Source: github-poc

URL: https://github.com/danielduan2002/CVE-2021-26690

Vulnerable Software (44)

Type: Configuration

Product: apache2

Operating System: ubuntu bionic 18.04

Trait: 
{  "fixed": "2.4.29-1ubuntu4.16"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu focal 20.04

Trait: 
{  "fixed": "2.4.41-4ubuntu3.3"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu groovy 20.10

Trait: 
{  "fixed": "2.4.46-1ubuntu1.2"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu hirsute 21.04

Trait: 
{  "fixed": "2.4.46-4ubuntu1.1"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu impish 21.10

Trait: 
{  "fixed": "2.4.46-4ubuntu2"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu jammy 22.04

Trait: 
{  "fixed": "2.4.46-4ubuntu2"}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu trusty 14.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: ubuntu xenial 16.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: apache2

Operating System: debian

Trait: 
{  "fixed": "2.4.46-6"}

Source: debian

Type: Configuration

Product: apache2

Operating System: astra 1.7.1.8

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: apache2

Operating System: astra 4.7.1.8

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: httpd

Operating System: rhel

Trait: 
{  "fixed": "2.4-8050020210712211742.b4937e53"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-apr

Operating System: rhel

Trait: 
{  "fixed": "1.6.3-107.el8jbcs"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-apr

Operating System: rhel

Trait: 
{  "fixed": "1.6.3-107.jbcs.el7"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-apr-util

Operating System: rhel

Trait: 
{  "fixed": "1.6.1-84.el8jbcs"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-apr-util

Operating System: rhel

Trait: 
{  "fixed": "1.6.1-84.jbcs.el7"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-curl

Operating System: rhel

Trait: 
{  "fixed": "7.78.0-2.el8jbcs"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-curl

Operating System: rhel

Trait: 
{  "fixed": "7.78.0-2.jbcs.el7"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-httpd

Operating System: rhel

Trait: 
{  "fixed": "2.4.37-78.el8jbcs"}

Source: redhat

Type: Configuration

Product: jbcs-httpd24-httpd

Operating System: rhel

Trait: 
{  "fixed": "2.4.37-78.jbcs.el7"}

Source: redhat