Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-1v86-mmdn-z3fk
Vulnerability ID VCID-1v86-mmdn-z3fk
Aliases CVE-2003-0192
Summary A bug in the optional renegotiation code in mod_ssl included with Apache httpd can cause cipher suite restrictions to be ignored. This is triggered if optional renegotiation is used (SSLOptions +OptRenegotiate) along with verification of client certificates and a change to the cipher suite over the renegotiation.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
epss 0.11824 https://api.first.org/data/v1/epss?cve=CVE-2003-0192
apache_httpd low https://httpd.apache.org/security/json/CVE-2003-0192.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0192.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0192
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0192
1616998 https://bugzilla.redhat.com/show_bug.cgi?id=1616998
CVE-2003-0192 https://httpd.apache.org/security/json/CVE-2003-0192.json
RHSA-2003:240 https://access.redhat.com/errata/RHSA-2003:240
RHSA-2003:243 https://access.redhat.com/errata/RHSA-2003:243
RHSA-2003:244 https://access.redhat.com/errata/RHSA-2003:244
RHSA-2003:290 https://access.redhat.com/errata/RHSA-2003:290
RHSA-2003:301 https://access.redhat.com/errata/RHSA-2003:301
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.9368
EPSS Score 0.11824
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:36:12.168135+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2003-0192.json 38.0.0