This flaw is exploitable in httpd if it is configured to allow an untrusted user to upload and execute arbitrary scripts. Due to the nature of the flaw, the uploaded script would not run as a user with restricted privileges but as root, allowing privilege escalation from the restricted user to root on the web server.
Depending on the configuration of the server, you would need local (AV:L) privileges to place the script, or network (AV:N) privileges if the server ran an application that permitted uploading scripts directly. The latter scenario is not common for unauthenticated users. Once the attacker can place the script somewhere in the web root, it can be easily exploited (AC:L). This type of setup is more common in shared hosting environments (PR:L) and would allow an attacker with access to a site on the shared host to impact confidentiality, integrity, and availability (CIA:H) with no interaction (UI:N). Due to the elevated privileges obtained, there is an impact to the system beyond the web server itself (S:C).
CVSS v3 metrics
| Metric | Value |
|---|---|
| CVSS3 Base Score | 8.8 |
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Red Hat Security Errata
| Platform | Erratum | Release date |
|---|---|---|
| Red Hat JBoss Core Services 1 | RHSA-2019:1543 | 2019-06-18 |
| Red Hat JBoss Core Services on RHEL 6 Server | RHSA-2019:1297 | 2019-05-30 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 (httpd24-httpd) | RHSA-2019:0746 | 2019-04-11 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 (httpd24-httpd) | RHSA-2019:0746 | 2019-04-11 |
| Red Hat JBoss Core Services 1 | RHSA-2019:1296 | 2019-05-30 |
| Red Hat Enterprise Linux 8 (httpd:2.4) | RHSA-2019:0980 | 2019-05-07 |
| Red Hat JBoss Core Services on RHEL 7 Server | RHSA-2019:1297 | 2019-05-30 |