CVE-2020-7066

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.

References

https://bugs.php.net/bug.php?id=79329

https://security.netapp.com/advisory/ntap-20200403-0001/

https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html

https://usn.ubuntu.com/4330-2/

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html

https://www.debian.org/security/2020/dsa-4717

https://www.debian.org/security/2020/dsa-4719

Details

Source: MITRE

Published: 2020-04-01

Updated: 2021-07-22

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 4.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
152986Tenable SecurityCenter < 5.19.0 Multiple Vulnerabilities (TNS-2021-14)NessusMisc.
high
151985Tenable.sc < 5.19.0 Multiple Vulnerabilities (TNS-2021-14) (deprecated)NessusMisc.
high
145957CentOS 8 : php:7.3 (CESA-2020:3662)NessusCentOS Local Security Checks
critical
140834EulerOS 2.0 SP3 : php (EulerOS-SA-2020-2067)NessusHuawei Local Security Checks
critical
140482Oracle Linux 8 : php:7.3 (ELSA-2020-3662)NessusOracle Linux Local Security Checks
critical
140396RHEL 8 : php:7.3 (RHSA-2020:3662)NessusRed Hat Local Security Checks
critical
138289SUSE SLES12 Security Update : php5 (SUSE-SU-2020:1714-1)NessusSuSE Local Security Checks
medium
138225Debian DSA-4719-1 : php7.3 - security updateNessusDebian Local Security Checks
high
138106Debian DSA-4717-1 : php7.0 - security updateNessusDebian Local Security Checks
medium
137807EulerOS Virtualization for ARM 64 3.0.6.0 : php (EulerOS-SA-2020-1700)NessusHuawei Local Security Checks
medium
137588SUSE SLES12 Security Update : php72 (SUSE-SU-2020:1546-1)NessusSuSE Local Security Checks
medium
136864EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1586)NessusHuawei Local Security Checks
medium
136629Amazon Linux AMI : php73 (ALAS-2020-1368)NessusAmazon Linux Local Security Checks
high
136628Amazon Linux AMI : php72 (ALAS-2020-1367)NessusAmazon Linux Local Security Checks
medium
136469SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:1199-1)NessusSuSE Local Security Checks
medium
136460openSUSE Security Update : php7 (openSUSE-2020-642)NessusSuSE Local Security Checks
medium
136398Ubuntu 20.04 : php7.4 vulnerabilities (USN-4330-2)NessusUbuntu Local Security Checks
high
135980Debian DLA-2188-1 : php5 security updateNessusDebian Local Security Checks
medium
135672Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : PHP vulnerabilities (USN-4330-1)NessusUbuntu Local Security Checks
high
134965GLSA-202003-57 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
134962Fedora 30 : php (2020-ce5a2a7403)NessusFedora Local Security Checks
high
134949PHP 7.2.x < 7.2.29 Multiple VulnerabilitiesNessusCGI abuses
medium
134944PHP 7.3.x < 7.3.16 Multiple VulnerabilitiesNessusCGI abuses
high
134919Fedora 31 : php (2020-0bf228857a)NessusFedora Local Security Checks
high
98993PHP 7.2.x < 7.2.29 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
98992PHP 7.3.x < 7.3.16 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
98991PHP 7.4.x < 7.4.4 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high