VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-auc4-5bkq-8ffa

Essentials
Severities (16)
References (16)
Severity details (3)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-auc4-5bkq-8ffa
Aliases	CVE-2016-0736
Summary	Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks.
Status	Published
Exploitability	2.0
Weighted Severity	4.9
Risk	9.8
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-287

Improper Authentication

System	Score	Found at
cvssv3	5.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
epss	0.10249	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.10249	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.10249	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
epss	0.1741	https://api.first.org/data/v1/epss?cve=CVE-2016-0736
cvssv2	4	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
apache_httpd	low	https://httpd.apache.org/security/json/CVE-2016-0736.json

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-0736
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1406744		https://bugzilla.redhat.com/show_bug.cgi?id=1406744
CVE-2016-0736	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py
CVE-2016-0736		https://httpd.apache.org/security/json/CVE-2016-0736.json
CVE-2016-0736	Exploit	https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt
RHSA-2017:0906		https://access.redhat.com/errata/RHSA-2017:0906
RHSA-2017:1161		https://access.redhat.com/errata/RHSA-2017:1161
RHSA-2017:1413		https://access.redhat.com/errata/RHSA-2017:1413
RHSA-2017:1414		https://access.redhat.com/errata/RHSA-2017:1414
RHSA-2017:1415		https://access.redhat.com/errata/RHSA-2017:1415
USN-3279-1		https://usn.ubuntu.com/3279-1/

Data source	Exploit-DB
Date added	Dec. 23, 2016
Description	Apache mod_session_crypto - Padding Oracle
Ransomware campaign use	Unknown
Source publication date	Dec. 23, 2016
Exploit type	webapps
Platform	multiple
Source update date	Dec. 23, 2016
Source URL	https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Exploit Prediction Scoring System (EPSS)

Percentile	0.92886
EPSS Score	0.10249
Published At	Aug. 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:29:00.984848+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2016-0736.json	37.0.0