CVE-2017-3167

Published: 2017-06-20T01:29Z

Last Modified: 2024-11-21T03:24Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt