Client certificate authentication bypass in Apache HTTP Server and Oracle Enterprise Manager Ops Center - CVE-2016-4979
Published: July 6, 2016 / Updated: January 4, 2017
Oracle
Apache HTTP Server
Oracle Enterprise Manager Ops Center
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass client certificate authentication.
The vulnerability exists due to an HTTP/2 certificate validation error. A remote unauthenticated attacker can bypass client certificate authentication and access web resources on the target system.
Systems that use the mod_http2 module with the h2 and h2c protocols enabled in the configuration are affected.
Successful exploitation of this vulnerability may result in unauthorized access to resources on the web server.
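
To check a server for the combination described above (mod_http2 loaded, h2 or h2c enabled, and client certificates requested), the following added example scans one Apache configuration file; it is not part of the original advisory or of Apache's code. The sample configuration and host names are constructed, and the script assumes the module is loaded with LoadModule and does not follow Include directives.

```python
# Constructed sample configuration for illustration (not from the advisory).
SAMPLE_CONF = """\
LoadModule http2_module modules/mod_http2.so
Protocols h2 h2c http/1.1
<VirtualHost *:443>
    ServerName api.example.test
    <Location "/admin">
        SSLVerifyClient require
    </Location>
</VirtualHost>
<VirtualHost *:443>
    ServerName legacy.example.test
    Protocols http/1.1
    SSLVerifyClient require
</VirtualHost>
"""
H2 = {"h2", "h2c"}

def audit(conf_text):
    """List (scope, HTTP/2 protocols) where client certs are requested with h2/h2c on."""
    glob = {"name": "(global)", "protocols": None, "client_cert": False}
    scopes, cur, http2_loaded = [glob], glob, False
    for raw in conf_text.splitlines():
        words = raw.strip().split()
        if not words or words[0].startswith("#"):
            continue
        key, args = words[0].lower(), [w.strip('"').lower() for w in words[1:]]
        if key.startswith("<virtualhost"):
            cur = {"name": "(unnamed vhost)", "protocols": None, "client_cert": False}
            scopes.append(cur)
        elif key.startswith("</virtualhost"):
            cur = glob
        elif key == "loadmodule" and args[:1] == ["http2_module"]:
            http2_loaded = True
        elif key == "servername" and args and cur is not glob:
            cur["name"] = args[0]
        elif key == "protocols":
            cur["protocols"] = set(args)
        elif key == "sslverifyclient" and args and args[0] != "none":
            cur["client_cert"] = True  # also set when the directive sits in a nested <Location>
    flagged = []
    for s in scopes:
        # A vhost without its own Protocols inherits the global one; Apache's default is http/1.1.
        protos = s["protocols"] if s["protocols"] is not None else (glob["protocols"] or {"http/1.1"})
        if http2_loaded and s["client_cert"] and protos & H2:
            flagged.append((s["name"], sorted(protos & H2)))
    return flagged
```

Each returned tuple names a virtual host that requests client certificates while HTTP/2 is negotiable; a host that overrides Protocols to http/1.1 is not reported.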