Search for vulnerabilities
Vulnerability details: VCID-kraa-vyt2-aaaa
Vulnerability ID VCID-kraa-vyt2-aaaa
Aliases CVE-2017-9788
Summary In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-20 Improper Input Validation
CWE-456 Missing Initialization of a Variable
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-9788.html
rhas Important https://access.redhat.com/errata/RHSA-2017:3113
rhas Important https://access.redhat.com/errata/RHSA-2017:3114
rhas Important https://access.redhat.com/errata/RHSA-2017:3240
cvssv3 4.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
epss 0.25301 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.25668 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.25668 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.25668 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.25788 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.25788 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46149 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46149 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46149 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46149 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.46783 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.5439 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54956 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54956 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54956 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.54971 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.55534 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.57147 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.57147 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
epss 0.75855 https://api.first.org/data/v1/epss?cve=CVE-2017-9788
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1470748
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
cvssv2 4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 4.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
apache_httpd important https://httpd.apache.org/security/json/CVE-2017-9788.json
generic_textual Medium https://httpd.apache.org/security/vulnerabilities_22.html
cvssv3.1 7.5 https://httpd.apache.org/security/vulnerabilities_24.html
generic_textual HIGH https://httpd.apache.org/security/vulnerabilities_24.html
generic_textual Medium https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb@%3Cannounce.httpd.apache.org%3E
cvssv2 6.4 https://nvd.nist.gov/vuln/detail/CVE-2017-9788
cvssv3 9.1 https://nvd.nist.gov/vuln/detail/CVE-2017-9788
archlinux Critical https://security.archlinux.org/AVG-350
generic_textual Medium https://ubuntu.com/security/notices/USN-3370-1
generic_textual Medium https://ubuntu.com/security/notices/USN-3370-2
cvssv3.1 8.8 https://www.tenable.com/security/tns-2019-09
generic_textual HIGH https://www.tenable.com/security/tns-2019-09
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-9788.html
https://access.redhat.com/errata/RHSA-2017:2478
https://access.redhat.com/errata/RHSA-2017:2479
https://access.redhat.com/errata/RHSA-2017:2483
https://access.redhat.com/errata/RHSA-2017:2708
https://access.redhat.com/errata/RHSA-2017:2709
https://access.redhat.com/errata/RHSA-2017:2710
https://access.redhat.com/errata/RHSA-2017:3193
https://access.redhat.com/errata/RHSA-2017:3194
https://access.redhat.com/errata/RHSA-2017:3195
https://access.redhat.com/errata/RHSA-2017:3239
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
https://api.first.org/data/v1/epss?cve=CVE-2017-9788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://httpd.apache.org/security/vulnerabilities_22.html
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb@%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
https://security.gentoo.org/glsa/201710-32
https://security.netapp.com/advisory/ntap-20170911-0002/
https://support.apple.com/HT208221
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us
https://ubuntu.com/security/notices/USN-3370-1
https://ubuntu.com/security/notices/USN-3370-2
https://www.tenable.com/security/tns-2019-09
http://www.debian.org/security/2017/dsa-3913
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/99569
http://www.securitytracker.com/id/1038906
1470748 https://bugzilla.redhat.com/show_bug.cgi?id=1470748
868467 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
ASA-201707-15 https://security.archlinux.org/ASA-201707-15
AVG-350 https://security.archlinux.org/AVG-350
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVE-2017-9788 https://httpd.apache.org/security/json/CVE-2017-9788.json
CVE-2017-9788 https://nvd.nist.gov/vuln/detail/CVE-2017-9788
RHSA-2017:3113 https://access.redhat.com/errata/RHSA-2017:3113
RHSA-2017:3114 https://access.redhat.com/errata/RHSA-2017:3114
RHSA-2017:3240 https://access.redhat.com/errata/RHSA-2017:3240
USN-3370-1 https://usn.ubuntu.com/3370-1/
USN-3370-2 https://usn.ubuntu.com/3370-2/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://httpd.apache.org/security/vulnerabilities_24.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-9788
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-9788
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://www.tenable.com/security/tns-2019-09
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.95921
EPSS Score 0.25301
Published At June 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.