[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-26859-9

Platform: cpe:/o:centos:centos:6, cpe:/o:oracle:linux:6, cpe:/o:redhat:enterprise_linux:6, cpe:/o:ubuntu:ubuntu_linux:14.10Date: (C)2014-09-10   (M)2023-07-04



The cache module allows httpd to cache data, optimizing access to frequently accessed content. However, it introduces potential security flaws such as the possibility of circumventing Allow and Deny directives. If this functionality is unnecessary, comment out the module: #LoadModule cache_module modules/mod_cache.so If caching is required, it should not be enabled for any limited-access content.


Parameter:

[]


Technical Mechanism:

CCSS Severity:CCSS Metrics:
CCSS Score : 5.3Attack Vector: LOCAL
Exploit Score: 1.0Attack Complexity: HIGH
Impact Score: 4.2Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:LScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: NONE
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:53749
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:26108
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:26147


OVAL    3
oval:org.secpod.oval:def:26108
oval:org.secpod.oval:def:53749
oval:org.secpod.oval:def:26147
XCCDF    3
xccdf_org.secpod_benchmark_general_OEL_6
xccdf_org.secpod_benchmark_general_RHEL_6
xccdf_org.secpod_benchmark_general_CENTOS_6

© SecPod Technologies