vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-6807): mod_auth_mellon vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Mar 13, 2017	Oct 23, 2020	Apr 25, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Mar 13, 2017

Added

Oct 23, 2020

Modified

Apr 25, 2025

Description

François Kooman discovered that mod_auth_mellon incorrectly handled
cookies. An attacker could possibly use this issue to cause a Cross-Site
Session Transfer attack. (CVE-2017-6807)

It was discovered that mod_auth_mellon incorrectly handled certain requests.
An attacker could possibly use this issue to redirect a user to a malicious
URL. (CVE-2019-3877)

It was discovered that mod_auth_mellon incorrectly handled certain requests.
An attacker could possibly use this issue to access sensitive information.
(CVE-2019-3878)

Solution

ubuntu-upgrade-libapache2-mod-auth-mellon

References

CVE-2017-6807
https://attackerkb.com/topics/CVE-2017-6807
NVD-CVE-2017-6807
UBUNTU-USN-3924-1
UBUNTU-USN-4597-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today