Vulnerability Details : CVE-2016-4975

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).

Published 2018-08-14 12:29:00

Updated 2021-06-06 11:15:19

Source Apache Software Foundation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-4975

Probability of exploitation activity in the next 30 days: 0.43%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 71 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-4975

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
6.1	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2016-4975

CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection')

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

Assigned by: [email protected] (Primary)

References for CVE-2016-4975

Products affected by CVE-2016-4975

Apache » Http Server » Version: 2.2.0
cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.3
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.4
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.2
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.6
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.8
cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.9
cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.12
cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.13
cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.10
cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.11
cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.14
cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.15
cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.18
cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.19
cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.16
cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.17
cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.21
cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.20
cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.22
cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.23
cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.1
cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.2
cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.3
cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.24
cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.25
cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.6
cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.4
cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.9
cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.7
cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.26
cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.27
cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.10
cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.12
cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.16
cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.17
cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.18
cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.20
cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.4.23
cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.29
cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*
Matching versions
Apache » Http Server » Version: 2.2.31
cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*
Matching versions