CVE-2018-5712

MEDIUM

Description

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

References

http://php.net/ChangeLog-5.php

http://php.net/ChangeLog-7.php

http://www.securityfocus.com/bid/102742

http://www.securityfocus.com/bid/104020

http://www.securitytracker.com/id/1040363

https://access.redhat.com/errata/RHSA-2018:1296

https://access.redhat.com/errata/RHSA-2019:2519

https://bugs.php.net/bug.php?id=74782

https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html

https://usn.ubuntu.com/3566-1/

https://usn.ubuntu.com/3600-1/

https://usn.ubuntu.com/3600-2/

Details

Source: MITRE

Published: 2018-01-16

Updated: 2019-08-19

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.6.32 (inclusive)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from 7.0.0 to 7.0.26 (inclusive)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 7.1.12 (inclusive)

cpe:2.3:a:php:php:7.2.0:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

Tenable Plugins

View all (28 total)

ID	Name	Product	Family	Severity
137966	EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747)	Nessus	Huawei Local Security Checks	critical
135827	Scientific Linux Security Update : php on SL7.x x86_64 (20200407)	Nessus	Scientific Linux Local Security Checks	high
135338	CentOS 7 : php (CESA-2020:1112)	Nessus	CentOS Local Security Checks	high
135040	RHEL 7 : php (RHSA-2020:1112)	Nessus	Red Hat Local Security Checks	high
132184	EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649)	Nessus	Huawei Local Security Checks	critical
131592	EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438)	Nessus	Huawei Local Security Checks	critical
129178	EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1984)	Nessus	Huawei Local Security Checks	high
98824	PHP 5.6.x < 5.6.33 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98865	PHP 7.2.x < 7.2.1 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98858	PHP 7.1.x < 7.1.13 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
98846	PHP 7.0.x < 7.0.27 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
120886	Fedora 28 : php (2018-ee6707d519)	Nessus	Fedora Local Security Checks	medium
120015	SUSE SLES12 Security Update : php7 (SUSE-SU-2018:0308-1)	Nessus	SuSE Local Security Checks	medium
120013	SUSE SLES12 Security Update : php5 (SUSE-SU-2018:0216-1)	Nessus	SuSE Local Security Checks	medium
109560	Fedora 26 : php (2018-6071a600e8)	Nessus	Fedora Local Security Checks	medium
109559	Fedora 27 : php (2018-04f6056c42)	Nessus	Fedora Local Security Checks	medium
108650	SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0806-1)	Nessus	SuSE Local Security Checks	high
108483	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : php5, php7.0, php7.1 vulnerabilities (USN-3600-1)	Nessus	Ubuntu Local Security Checks	high
106792	Ubuntu 14.04 LTS : php5 vulnerabilities (USN-3566-1)	Nessus	Ubuntu Local Security Checks	high
106691	Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-946)	Nessus	Amazon Linux Local Security Checks	medium
106586	Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2018-034-01)	Nessus	Slackware Local Security Checks	medium
106550	openSUSE Security Update : php7 (openSUSE-2018-119)	Nessus	SuSE Local Security Checks	medium
106434	openSUSE Security Update : php5 (openSUSE-2018-99)	Nessus	SuSE Local Security Checks	medium
106207	Debian DLA-1251-1 : php5 security update	Nessus	Debian Local Security Checks	medium
105774	PHP 7.2.x < 7.2.1 Multiple Vulnerabilities	Nessus	CGI abuses	medium
105773	PHP 7.1.x < 7.1.13 Multiple Vulnerabilities	Nessus	CGI abuses	medium
105772	PHP 7.0.x < 7.0.27 Multiple Vulnerabilities	Nessus	CGI abuses	medium
105771	PHP 5.6.x < 5.6.33 Multiple Vulnerabilities	Nessus	CGI abuses	medium