Description

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

Remediation

References

CVE-2020-11984

Related Vulnerabilities

WordPress Plugin Carousel slideshow 'swfupload.swf' Cross-Site Scripting (3.10)

Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3923)

WordPress Plugin YITH WooCommerce Gift Cards Security Bypass (1.3.7)

WordPress Plugin Elementor Website Builder Security Bypass (3.0.13)

WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.1.1)

Severity

Critical

Classification

CVE-2020-11984 CWE-120 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities