Search for vulnerabilities
Vulnerability details: VCID-mnbx-sanh-aaar
Vulnerability ID VCID-mnbx-sanh-aaar
Aliases CVE-2023-31122
Summary Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-125 Out-of-bounds Read
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json
epss 0.003 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.003 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.003 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.003 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.003 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00342 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00349 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00403 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.00414 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02389 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02834 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02834 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02834 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02834 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.02834 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.05740 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.05740 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.05740 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
epss 0.05740 https://api.first.org/data/v1/epss?cve=CVE-2023-31122
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://httpd.apache.org/security/vulnerabilities_24.html
generic_textual HIGH https://httpd.apache.org/security/vulnerabilities_24.html
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2023-31122
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2023-31122
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json
https://api.first.org/data/v1/epss?cve=CVE-2023-31122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/
https://security.netapp.com/advisory/ntap-20231027-0011/
2245332 https://bugzilla.redhat.com/show_bug.cgi?id=2245332
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
CVE-2023-31122 https://httpd.apache.org/security/json/CVE-2023-31122.json
CVE-2023-31122 https://nvd.nist.gov/vuln/detail/CVE-2023-31122
RHSA-2024:2278 https://access.redhat.com/errata/RHSA-2024:2278
RHSA-2024:3121 https://access.redhat.com/errata/RHSA-2024:3121
USN-6506-1 https://usn.ubuntu.com/6506-1/
USN-6510-1 https://usn.ubuntu.com/6510-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://httpd.apache.org/security/vulnerabilities_24.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-31122
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-31122
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.52678
EPSS Score 0.003
Published At April 16, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.