CVE-2016-5387: The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in…

high8.1CVSS 3.0

AVNACHPRNUINSUCHIHAH

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.

Affected

50 ranges· showing 25

Vendor	Product	Version range	Fixed in
apache	http_server	2.2.0 – 2.2.31	—
apache	http_server	2.4.1 – 2.4.23	—
apple	mac_os_x	<= 10.11.6	—
apple	macos_high_sierra	—	—
apple	macos_high_sierra_10.13.1_security_update_2017-001_sierra_and_security_update_20	—	—
apple	macos_sierra_10.12.4_security_update_2017-001_el_capitan_and_security_update_201	—	—
apple	os_x_server	<= 5.1	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	apache2	< apache2 2.4.23-2 (bookworm)	apache2 2.4.23-2 (bookworm)
debian	debian_linux	—	—
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
hp	system_management_homepage	<= 7.5.5.0	—
opensuse	leap	—	—
opensuse	opensuse	—	—
oracle	communications_user_data_repository	10.0.0 – 12.4	—
oracle	enterprise_manager_ops_center	—	—
oracle	enterprise_manager_ops_center	—	—
oracle	linux	—	—
oracle	linux	—	—
oracle	linux	—	—
oracle	solaris	—	—

CVSS provenance

nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

osv8.1HIGH