Synology-SA-19:14 Apache HTTP Server

Publish Time: 2019-04-03 14:41:40 UTC+8

Last Updated: 2019-04-03 18:01:07 UTC+8

Severity
Important
Status
Resolved

Abstract

CVE-2019-0211 allows local users to conduct privilege escalation attacks via a susceptible version of Apache HTTP server 2.4.

Affected Products

Product Severity Fixed Release Availability
Apache HTTP Server 2.2 Not affected N/A
Apache HTTP Server 2.4 Important Upgrade to 2.4.39-0014 or above.

Mitigation

None

Detail

Reserved

Reference

Revision

Revision Date Description
1 2019-04-03 Initial public release.
2 2019-04-03 Update for Apache HTTP Server 2.4 is now available in Affected Products.