CVE-2016-1000104

CWE-20Improper Input Validation7 documents7 sources
Severity
8.8HIGH
EPSS
0.4%
top 40.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apache MOD FcgidOpensuse LeapOpensuse Opensuse
Timeline
PublishedDec 3
Latest updateMay 24

Description

A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

NVDapache/mod_fcgid2016-07-07
NVDopensuse/leap42.1

🔴Vulnerability Details

3
GHSA
GHSA-3qww-55h8-4xjp: A security Bypass vulnerability exists in mod_fcgid through 2016-07-07 in the FcgidPassHeader Proxy2022-05-24
CVEList
CVE-2016-1000104: A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-072019-12-03
OSV
CVE-2016-1000104: A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-072019-12-03

📋Vendor Advisories

2
Microsoft
A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.2019-12-10
Red Hat
mod_fcgid: mod_fcgid sets environmental variable based on user supplied Proxy request header2016-07-18

💬Community

1
Bugzilla
CVE-2016-1000104 mod_fcgid: mod_fcgid sets environmental variable based on user supplied Proxy request header2016-07-07
CVE-2016-1000104 (HIGH CVSS 8.8) | A security Bypass vulnerability exi | cvebase.io