Apache – CVE-2020-9490

Description

Kayran has detected that the Version of Apache HTTP Server being used is vulnerable to a ‘Push Diary Crash on a Specifically Crafted HTTP/2 Header’.
CVE-2020-9490 is categorized as a ‘Inconsistent Interpretation of HTTP Requests’ vulnerability, otherwise known as ‘HTTP Request/Response Smuggling’ (CWE-444).

CWE-444 occurs when the product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server.
But in fact, it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages should be processed by those entities that are at the ultimate destination.

In the version being used, a specially crafted value for the ‘Cache-Digest’ header in a HTTP/2 request could result in crashes. Which could happen when the server is actually trying to HTTP/2 PUSH a resource afterwards.

It could lead to a decrease in performance and interruptions in the availability of resources.

Recommendation

Configuring the HTTP/2 feature by toggling “H2Push off” could mitigate CVE-2020-9490 for any unpatched servers.
Also, upgrade the version of Apache HTTP Server being used to 2.4.44.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490

https://cwe.mitre.org/data/definitions/444.html

< Return to all Vulnerabilities

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »