1. CVE-Search
  2. CVE-2018-8040
ID CVE-2018-8040
Summary Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin is configured not to allow access. This affects Apache Traffic Server (ATS) versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.1:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.1:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.2:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.2:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc3:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc3:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc4:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc4:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.3:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.3:rc0:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-668
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 105181
confirm https://github.com/apache/trafficserver/pull/3926
debian DSA-4282
mlist
  • [trafficserver-users] 20180828 Re: [ANNOUNCE] Apache Traffic Server vulnerability with header variable access in the ESI plugin - CVE-2018-8040
  • [trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with header variable access in the ESI plugin - CVE-2018-8040
Last major update 03-10-2019 - 00:03
Published 29-08-2018 - 13:29
Last modified 03-10-2019 - 00:03
Back to Top