Description

In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.

Remediation

References

CVE-2017-15715

Related Vulnerabilities

WordPress Plugin Vitamin Multiple Arbitrary File Disclosure Vulnerabilities (1.0.0)

WordPress Plugin User Activity Log Multiple Vulnerabilities (1.2.4)

Cherokee Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-20799)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1734)

WordPress Plugin WP ALL Export Pro Multiple Vulnerabilities (1.7.8)

Severity

High

Classification

CVE-2017-15715 CWE-20 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities