Description
Cytrix has detected that the version of Apache HTTP server being used may be vulnerable to a privilege escalation bug.
That means that less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of a parent process (usually root). Also known as CVE-2019-0211.
By manipulating the scoreboard, arbitrary codes can be executed.
That will cause all system files to be revealed (Information Disclosure) which assists attackers in initiating attacks.
There is a chance to a complete loss of system protection, resulting in the entire system being compromised and its integrity to be flawed.
Severity/Score
CVSS Version 3.x – 7.8 High
Recommendation
To fix CVE-2019-0211, upgrade the version of Apache Server being used to 2.4.39.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
https://cwe.mitre.org/data/definitions/416.html