Description
Cytrix has detected that the Version of Apache HTTP Server being used is vulnerable to ‘bypass with a trailing newline in the file name’.
CVE-2017-15715 is categorized as an ‘Improper Input Validation’ vulnerability (CWE-20).
That means that the product receives an input or data, but it does not validate or incorrectly validates that the input actually has the properties that are required to process the data safely and correctly.
The expression specified in could possibly match ‘$’ to a newline character in a malicious filename. Rather than matching only the end of the filename.
This could be exploited in environments where uploads of some files are are blocked externally, but only by matching the trailing portion of the filename.
It will lead to information being disclosed, assisting attackers in performing attacks against your assets.
There’s a chance that this vulnerability will allow attackers to modify system files and information. Also, it could cause a decrease in performance and interruptions in the availability of resources.
Recommendation
To fix CVE-2017-15715, upgrade the version of Apache HTTP Server being used to 2.4.33.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715