1. Home
  2. CVE Database
  3. CVE-2018-8011
HIGH · 7.5

CVE-2018-8011

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP S...

Vulnerability Description

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
ApacheHttp Server2.4.33
NetappCloud Backup-

Related Weaknesses (CWE)

CWE-476

References

FAQ

What is CVE-2018-8011?

CVE-2018-8011 is a vulnerability with a CVSS score of 7.5 (HIGH). By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP S...

How severe is CVE-2018-8011?

CVE-2018-8011 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-8011?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Netapp Cloud Backup.