CCE-27782-2| Platform: apache-httpd2.2 | Date: (C)2013-02-19 (M)2022-10-10 |
Apache's log_config_module should be enabled or disabled as appropriate.
Parameter:
(1) log_config_module
Technical Mechanism:
(1) Apache configuration file: LoadModule directive
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| CIS Security Configuration Benchmark For Apache Web Server 2.2 Version 3.1.0 June 11th, 2012 | 1.2.2 Enable the Log Config Module (Level 1, Scorable)
For dynamically loaded modules, add or modify the LoadModule directive so that it is present in the apache configuration as below and not commented out : LoadModule log_config_module modules/mod_log_config.so p12 |
| DISA STIG Apache SITE 2.2 for Windows Release: 1 Benchmark Date: 23 Nov 2011 | Rule Title: Logs of web server access and errors must be established and maintained.
STIG ID: WG240 W22 Rule ID: SV-33132r1_rule Vuln ID: V-2250
Severity: CAT II Class: Unclass |
| DISA STIG Apache SITE 2.2 for Unix Release: 1 Benchmark Date: 23 Nov 2011 | Rule Title: Logs of web server access and errors must be established and maintained.
STIG ID: WG240 A22 Rule ID: SV-33025r1_rule Vuln ID: V-2250
Severity: CAT II Class: Unclass |
