Description
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.

This issue affects Apache HTTP Server: from through 2.4.67.

Users are recommended to upgrade to version 2.4.68, which fixes the issue.
Published: 2026-06-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates from improper privilege management in Apache HTTP Server 2.4.67 and earlier. Local authors of .htaccess files can exploit expressions to read files that the httpd user normally cannot access. This creates a privilege escalation path that allows the attacker to read privileged or sensitive files, compromising confidentiality and potentially exposing configuration or user data. The weakness aligns with CWE-266 and CWE-269.

Affected Systems

The affected product is Apache HTTP Server, on all supported platforms. Any installation running version 2.4.67 or earlier is vulnerable. Versions 2.4.68 and later contain the fix. Affected modules include those that interpret .htaccess expressions.

Risk and Exploitability

The CVSS score is 5.5, and the EPSS score of 0.00015 (0.015%) indicates a very low probability of exploitation. The vulnerability is local, requiring the attacker to have write access to a .htaccess file in a directory served by Apache. While this limits exposure to attackers who can write configuration files, the ability to read privileged files is a powerful local privilege escalation vector. The vulnerability is not listed in the CISA KEV catalog, suggesting no known widespread exploitation but still presenting a significant risk to local attackers.

Generated by OpenCVE AI on June 13, 2026 at 01:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Apache HTTP Server 2.4.68 or later, which removes the ability for .htaccess authors to read files with the httpd user’s privileges.
  • Restrict write permissions to .htaccess and other configuration files so that only trusted administrators can modify them. Move served directories to read‑only ownership where possible.
  • Review your Apache configuration and consider disabling or restricting modules that allow expressions in .htaccess, such as mod_access_compat, to remove the attack surface until a patch is applied.

Generated by OpenCVE AI on June 13, 2026 at 01:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4629-1 apache2 security update
History

Sat, 13 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-266
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 11 Jun 2026 04:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Tue, 09 Jun 2026 12:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 08 Jun 2026 23:30:00 +0000

Type Values Removed Values Added
References

Mon, 08 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache http Server
Vendors & Products Apache
Apache http Server

Mon, 08 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue.
Title Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules
Weaknesses CWE-269
References

Subscriptions

Apache Http Server
cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-06-09T11:57:10.824Z

Reserved: 2026-05-05T11:34:53.172Z

Link: CVE-2026-44119

cve-icon Vulnrichment

Updated: 2026-06-09T11:56:44.983Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-08T16:16:40.203

Modified: 2026-06-11T04:01:09.907

Link: CVE-2026-44119

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-08T15:17:31Z

Links: CVE-2026-44119 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-13T02:00:08Z

Weaknesses
  • CWE-266

    Incorrect Privilege Assignment

  • CWE-269

    Improper Privilege Management