CVE Vulnerabilities

CVE-2013-2249

Published: Jul 23, 2013 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
2.6 MODERATE
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu
MEDIUM

mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 2.4.1 (including) 2.4.4 (including)
Apache2 Ubuntu devel *
Apache2 Ubuntu upstream *

References