DESCRIPTION: Apache HTTP Server could provide weaker than expected security, caused by URL normalization inconsistencies. A remote attacker could exploit this vulnerability to launch further attacks on the system.

CVSS Base Score: 5.3

CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158948> for the current score

CVSS Environmental Score*: Undefined

CVSS Vector:(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

IBM Netezza Performance Portal 2.1.1.1-2.1.1.8

Remediation/Fixes

Product	VRMF	Remediation / First Fix
IBM Netezza Performance Portal	2.1.1.9	Link to Fix Central

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm puredata systemeqany

CPE	Name	Operator	Version
	ibm puredata system	eq	any

alpinelinux 1

prion 1

nessus 43

openvas 22

redhatcve 2

broadcom 1

ibm 22

redhat 5

cvelist 1

nvd 1

debiancve 1

cve 1

ubuntucve 2

httpd 1

osv 3

veracode 1

centos 1

oraclelinux 2

debian 3

f5 1

altlinux 3

fedora 3

suse 3

archlinux 1

ubuntu 1

kaspersky 1

freebsd 1

amazon 2

symantec 1

oracle 5

alpinelinux

CVE-2019-0220

2019-06-11 21:29:00

prion

Path traversal

2019-06-11 21:29:00

nessus

EulerOS 2.0 SP3 : httpd (EulerOS-SA-2019-2249)

2019-11-08 00:00:00

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2019-2080)

2019-09-30 00:00:00

NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2019-0202)

2019-10-15 00:00:00

openvas

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-2080)

2020-01-23 00:00:00

Apache HTTP Server < 2.4.39 URL Normalization Vulnerability - Linux

2019-04-08 00:00:00

Apache HTTP Server < 2.4.39 URL Normalization Vulnerability - Windows

2019-04-08 00:00:00

redhatcve

CVE-2019-0220

2019-04-02 11:19:54

CVE-2021-30641

2021-06-08 03:49:52

broadcom

Apache httpd URL normalization inconsistency

2023-08-01 00:00:00

ibm

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager (CVE-2019-0220)

2023-06-28 22:14:50

Security Bulletin: Multiple Apache HTTP Server vulnerabilities in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Performance Manager (CVE-2019-0211 CVE-2019-0220)

2019-05-09 10:25:01

Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM Cloud Pak System (CVE-2019-0211 CVE-2019-0220)

2019-09-24 09:08:07

redhat

(RHSA-2020:0251) Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP1 Security Update

2020-01-27 21:17:57

(RHSA-2019:3436) Moderate: httpd:2.4 security and bug fix update

2019-11-05 17:46:04

(RHSA-2019:2343) Moderate: httpd security and bug fix update

2019-08-06 08:27:25

cvelist

CVE-2019-0220

2019-06-11 20:49:50

nvd

CVE-2019-0220

2019-06-11 21:29:00

debiancve

CVE-2019-0220

2019-06-11 21:29:00

cve

CVE-2019-0220

2019-06-11 21:29:00

ubuntucve

CVE-2019-0220

2019-04-02 00:00:00

CVE-2021-30641

2021-06-10 00:00:00

httpd

Apache Httpd < 2.4.39 : Apache httpd URL normalization inconsistincy

2019-01-20 00:00:00

osv

CVE-2019-0220

2019-06-11 21:29:00

apache2 - security update

2019-04-03 00:00:00

apache2 - security update

2019-04-03 00:00:00

veracode

Authorization Bypass

2019-08-08 00:07:37

centos

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

2019-09-18 20:21:26

oraclelinux

httpd:2.4 security and bug fix update

2019-11-14 00:00:00

httpd security and bug fix update

2019-08-13 00:00:00

debian

[SECURITY] [DLA 1748-1] apache2 security update

2019-04-03 14:29:59

[SECURITY] [DSA 4422-1] apache2 security update

2019-04-03 09:10:59

[SECURITY] [DSA 4422-1] apache2 security update

2019-04-03 09:10:59

K44591505 : Apache vulnerabilities CVE-2019-0196, CVE-2019-0197, and CVE-2019-0220

2019-05-07 00:00:00

altlinux

Security fix for the ALT Linux 9 package apache2 version 1:2.4.39-alt1

2019-04-02 00:00:00

Security fix for the ALT Linux 10 package apache2 version 1:2.4.39-alt1

2019-04-02 00:00:00

Security fix for the ALT Linux 8 package apache2 version 1:2.4.39-alt1

2019-04-03 00:00:00

fedora

[SECURITY] Fedora 28 Update: httpd-2.4.39-1.1.fc28

2019-05-14 01:06:32

[SECURITY] Fedora 29 Update: httpd-2.4.39-2.fc29

2019-04-06 19:44:50

[SECURITY] Fedora 30 Update: httpd-2.4.39-2.fc30

2019-04-05 00:03:02

suse

Security update for apache2 (important)

2019-04-23 00:00:00

Security update for apache2 (important)

2019-04-16 00:00:00

Security update for apache2 (important)

2019-04-11 00:00:00

archlinux

[ASA-201904-3] apache: multiple issues

2019-04-05 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2019-04-04 00:00:00

kaspersky

KLA12365 Multiple vulnerabilities in Apache HTTP Server

2019-04-01 00:00:00

freebsd

Apache -- Multiple vulnerabilities

2019-04-01 00:00:00

amazon

Important: httpd24

2019-04-05 20:05:00

Important: httpd

2019-04-04 21:49:00

symantec

Apache HTTP Server Vulnerabilities Jan 2019 - Apr 2020

2020-06-12 20:41:37

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - July 2019

2019-07-16 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

80.9%

JSON

Related for FB7CE089404C4E104BF171B9208D3607A7879A5E9B2FFD4D21234D829EBAD29F