CCE-90797-2| Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Disable Cache Support
The 'cache' module allows 'httpd' to cache data, optimizing access to
frequently accessed content. However, it introduces potential security flaws
such as the possibility of circumventing 'Allow' and
'Deny' directives.
If this functionality is
unnecessary, comment out the module:
'#LoadModule cache_module modules/mod_cache.so'
If caching is required, it should not be enabled for any limited-access content.
Parameter:
Technical Mechanism:
Minimizing the number of loadable modules available to the web server reduces risk
by limiting the capabilities allowed by the web server.
Fix:
No Remediation Info
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31204 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30481 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31204 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30481 |
