Apache Web Server Vulnerability

A critical* vulnerability related to Apache Web Server has just been published.

Apache Web Server Vulnerability

The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).

Affected Systems

  • Apache Web Server

IoCs

-

Recommended Solution(s)

It is recommended to manage the setting, management and handling of privileges very carefully, and to explicitly manage trust zones in the software. Follow the principle of least privilege when assigning access rights to entities in a software system.

It is recommended to consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
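
One way to audit for the misconfiguration described above, as an added example that is not part of the original advisory or of any vendor tooling: the function parses sudoers text and reports shells (or ALL) that the www-data account may run without a password. The sample sudoers contents, the shell list and the function names are constructed for illustration; aliases (User_Alias, Cmnd_Alias) and #include directives are assumed absent and are not expanded.

```python
import re

# Constructed sudoers text for illustration (not taken from the affected product).
WEAK_SUDOERS = """\
Defaults env_reset
root ALL=(ALL:ALL) ALL
www-data ALL=(ALL) NOPASSWD: /bin/sh, /bin/bash, \\
    /usr/bin/tee
backup ALL=(root) /usr/bin/rsync
"""

# Constructed least-privilege variant: one fixed command, no shell.
HARDENED_SUDOERS = """\
Defaults env_reset
root ALL=(ALL:ALL) ALL
www-data ALL=(root) NOPASSWD: /usr/sbin/apachectl graceful
"""

# Assumed list of shell paths; extend it for the interpreters on your systems.
SHELLS = {"/bin/sh", "/bin/bash", "/bin/dash", "/bin/zsh", "/usr/bin/sh", "/usr/bin/bash"}


def logical_lines(text):
    """Join backslash-continued lines; skip blanks, comments and #include lines."""
    for line in re.sub(r"\\\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line


def passwordless_shell_grants(text, user="www-data"):
    """Return the shells (or ALL) that `user` may run through sudo without a password."""
    findings = []
    for line in logical_lines(text):
        m = re.match(r"(\S+)\s+[^\s=]+\s*=\s*(.*)$", line)
        if not m or m.group(1) != user:
            continue
        spec = re.sub(r"\([^)]*\)", "", m.group(2))  # drop (runas) lists
        nopasswd = False  # tags carry over to later commands in the same entry
        for item in spec.split(","):
            item = item.strip()
            while (tag := re.match(r"([A-Z_]+):\s*", item)):
                if tag.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = tag.group(1) == "NOPASSWD"
                item = item[tag.end():]
            cmd = item.split()[0] if item else ""
            if nopasswd and (cmd == "ALL" or cmd in SHELLS):
                findings.append(cmd)
    return findings
```

On a live host, feed it the contents of the sudoers file and each file under the sudoers include directory; a non-empty result for a service account is the condition this advisory describes.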

CVE / CWE

CVE-2022-2104

Related Website(s)

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.