virus logo Endpoint Vulnerability

Apache Httpd CVE-2017-3167 Authentication Bypass Vulnerability

description-logoDescription

Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

affected-products-logoAffected Applications

Apache Httpd

Version Updates

Date Version Status Detail
2026-02-21 2.00700
New
 Apache Httpd
2021-12-07 2.00079
Modified
 Apache Httpd
2020-02-21 2.00048
New
 Apache Httpd
2019-08-21 1.00042
Modified
 Apache Httpd
2019-02-05 1.00034
Modified
 Apache Httpd
2019-01-03 1.00033
Modified
 Apache Httpd

References

https://httpd.apache.org/security/
ID 41665
Created Jan 17, 2020
Description
Updated		 Mar 07, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Apache
Patch manual
Application Apache Httpd