CVE-2019-0211
Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
Vulnerability Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Affected Platforms (CPE)
📦
Apache
Http Server
>= 2.4.17 and <= 2.4.38💻
Fedoraproject
Fedora
= 28💻
Fedoraproject
Fedora
= 29💻
Fedoraproject
Fedora
= 30💻
Canonical
Ubuntu Linux
= 14.04💻
Canonical
Ubuntu Linux
= 16.04💻
Canonical
Ubuntu Linux
= 18.04💻
Canonical
Ubuntu Linux
= 18.10💻
Debian
Debian Linux
= 9.0💻
Opensuse
Leap
= 15.0💻
Opensuse
Leap
= 42.3📦
Netapp
Oncommand Unified Manager
All versions📦
Redhat
Jboss Core Services
= 1.0📦
Redhat
Openshift Container Platform
= 3.11📦
Redhat
Openshift Container Platform For Power
= 3.11_ppc64le📦
Redhat
Software Collections
= 1.0💻
Redhat
Enterprise Linux
= 8.0💻
Redhat
Enterprise Linux Eus
= 8.1💻
Redhat
Enterprise Linux Eus
= 8.2💻
Redhat
Enterprise Linux Eus
= 8.4💻
Redhat
Enterprise Linux Eus
= 8.6💻
Redhat
Enterprise Linux Eus
= 8.8💻
Redhat
Enterprise Linux For Arm 64
= 8.0_aarch64💻
Redhat
Enterprise Linux For Arm 64 Eus
= 8.1_aarch64💻
Redhat
Enterprise Linux For Arm 64 Eus
= 8.2_aarch64💻
Redhat
Enterprise Linux For Arm 64 Eus
= 8.4_aarch64💻
Redhat
Enterprise Linux For Arm 64 Eus
= 8.6_aarch64💻
Redhat
Enterprise Linux For Arm 64 Eus
= 8.8_aarch64💻
Redhat
Enterprise Linux For Ibm Z Systems
= 8.0_s390x💻
Redhat
Enterprise Linux For Ibm Z Systems Eus
= 8.1_s390x💻
Redhat
Enterprise Linux For Ibm Z Systems Eus
= 8.2_s390x💻
Redhat
Enterprise Linux For Ibm Z Systems Eus
= 8.4_s390x💻
Redhat
Enterprise Linux For Ibm Z Systems Eus
= 8.6_s390x💻
Redhat
Enterprise Linux For Ibm Z Systems Eus
= 8.8_s390x💻
Redhat
Enterprise Linux For Power Little Endian
= 8.0_ppc64le💻
Redhat
Enterprise Linux For Power Little Endian Eus
= 8.1_ppc64le💻
Redhat
Enterprise Linux For Power Little Endian Eus
= 8.2_ppc64le💻
Redhat
Enterprise Linux For Power Little Endian Eus
= 8.4_ppc64le💻
Redhat
Enterprise Linux For Power Little Endian Eus
= 8.6_ppc64le💻
Redhat
Enterprise Linux For Power Little Endian Eus
= 8.8_ppc64le💻
Redhat
Enterprise Linux Server Aus
= 8.2💻
Redhat
Enterprise Linux Server Aus
= 8.4💻
Redhat
Enterprise Linux Server Aus
= 8.6💻
Redhat
Enterprise Linux Server Tus
= 8.2💻
Redhat
Enterprise Linux Server Tus
= 8.4💻
Redhat
Enterprise Linux Server Tus
= 8.6💻
Redhat
Enterprise Linux Server Tus
= 8.8💻
Redhat
Enterprise Linux Update Services For Sap Solutions
= 8.0💻
Redhat
Enterprise Linux Update Services For Sap Solutions
= 8.1💻
Redhat
Enterprise Linux Update Services For Sap Solutions
= 8.4💻
Redhat
Enterprise Linux Update Services For Sap Solutions
= 8.6💻
Redhat
Enterprise Linux Update Services For Sap Solutions
= 8.8📦
Oracle
Communications Session Report Manager
= 8.0.0📦
Oracle
Communications Session Report Manager
= 8.1.0📦
Oracle
Communications Session Report Manager
= 8.1.1📦
Oracle
Communications Session Report Manager
= 8.2.0📦
Oracle
Communications Session Route Manager
= 8.0.0📦
Oracle
Communications Session Route Manager
= 8.1.0📦
Oracle
Communications Session Route Manager
= 8.1.1📦
Oracle
Communications Session Route Manager
= 8.2.0📦
Oracle
Enterprise Manager Ops Center
= 12.3.3📦
Oracle
Enterprise Manager Ops Center
= 12.4.0📦
Oracle
Http Server
= 12.2.1.3.0📦
Oracle
Instantis Enterprisetrack
= 17.1📦
Oracle
Instantis Enterprisetrack
= 17.2📦
Oracle
Instantis Enterprisetrack
= 17.3📦
Oracle
Retail Xstore Point Of Service
= 7.0📦
Oracle