First published: Thu Jul 13 2017(Updated: )
apache. Multiple issues were addressed by updating to version 2.4.27.
Credit: CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS High Sierra | <10.13.1 | 10.13.1 |
Apple Sierra | ||
Apple El Capitan | ||
redhat/httpd | <2.2.34 | 2.2.34 |
redhat/httpd | <2.4.27 | 2.4.27 |
Apache HTTP server | <=2.2.33 | |
Apache HTTP server | >=2.4.0<=2.4.26 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Apple Mac OS X | <10.13.1 | |
Netapp Oncommand Unified Manager 7-mode | ||
Netapp Storage Automation Store | ||
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.2 | |
Redhat Enterprise Linux Server Aus | =7.3 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Eus | =6.7 | |
Redhat Enterprise Linux Server Eus | =7.2 | |
Redhat Enterprise Linux Server Eus | =7.3 | |
Redhat Enterprise Linux Server Eus | =7.4 | |
Redhat Enterprise Linux Server Eus | =7.5 | |
Redhat Enterprise Linux Server Eus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.2 | |
Redhat Enterprise Linux Server Tus | =7.3 | |
Redhat Enterprise Linux Server Tus | =7.4 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Redhat Jboss Core Services | =1.0 | |
Redhat Jboss Enterprise Application Platform | =6.0.0 | |
Redhat Jboss Enterprise Application Platform | =6.4.0 | |
Redhat Jboss Enterprise Web Server | =2.0.0 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Oracle Secure Global Desktop | =5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-9788 is a vulnerability in Apache httpd that allows an attacker to reflect a stale value in the [Proxy-]Authorization headers of type 'Digest'.
CVE-2017-9788 has a severity rating of critical with a CVSS score of 9.1.
CVE-2017-9788 affects Apache httpd versions before 2.2.34 and 2.4.x before 2.4.27.
To fix CVE-2017-9788, update Apache httpd to version 2.2.34 or 2.4.27 or later.
You can find more information about CVE-2017-9788 at the following references: [reference1], [reference2], [reference3].