CVE-2018-5712 - OpenCVE

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php:7.2.0:::::::*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

References

Link	Resource
http://php.net/ChangeLog-5.php	Release Notes Vendor Advisory
http://php.net/ChangeLog-7.php	Release Notes Vendor Advisory
http://www.securityfocus.com/bid/102742	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/104020	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040363	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:1296	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2519
https://bugs.php.net/bug.php?id=74782	Issue Tracking Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html	Mailing List Third Party Advisory
https://usn.ubuntu.com/3566-1/	Third Party Advisory
https://usn.ubuntu.com/3600-1/	Third Party Advisory
https://usn.ubuntu.com/3600-2/	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-01-16T09:00:00

Updated: 2020-04-15T21:06:47

Reserved: 2018-01-16T00:00:00

Link: CVE-2018-5712

JSON object: View

NVD Information

Status : Modified

Published: 2018-01-16T09:29:00.623

Modified: 2019-08-19T11:15:14.540

Link: CVE-2018-5712

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-01-16T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-15T21:06:47", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "USN-3600-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3600-1/"}, {"name": "1040363", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040363"}, {"name": "104020", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104020"}, {"name": "RHSA-2018:1296", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://php.net/ChangeLog-5.php"}, {"name": "USN-3566-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3566-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://php.net/ChangeLog-7.php"}, {"name": "[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.php.net/bug.php?id=74782"}, {"name": "102742", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102742"}, {"name": "USN-3600-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3600-2/"}, {"name": "RHSA-2019:2519", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2519"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-5712", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-3600-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3600-1/"}, {"name": "1040363", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040363"}, {"name": "104020", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104020"}, {"name": "RHSA-2018:1296", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"name": "http://php.net/ChangeLog-5.php", "refsource": "CONFIRM", "url": "http://php.net/ChangeLog-5.php"}, {"name": "USN-3566-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3566-1/"}, {"name": "http://php.net/ChangeLog-7.php", "refsource": "CONFIRM", "url": "http://php.net/ChangeLog-7.php"}, {"name": "[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"}, {"name": "https://bugs.php.net/bug.php?id=74782", "refsource": "CONFIRM", "url": "https://bugs.php.net/bug.php?id=74782"}, {"name": "102742", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102742"}, {"name": "USN-3600-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3600-2/"}, {"name": "RHSA-2019:2519", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2519"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-5712", "datePublished": "2018-01-16T09:00:00", "dateReserved": "2018-01-16T00:00:00", "dateUpdated": "2020-04-15T21:06:47", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "41A22DA0-EE98-49B2-B8E7-40F56E626501", "versionEndIncluding": "5.6.32", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "9164AFA9-D1F7-4C0F-BE46-D0509C193618", "versionEndIncluding": "7.0.26", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD1C4486-6DC7-4F3D-839D-69826E9BA767", "versionEndIncluding": "7.1.12", "versionStartExcluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "23D5409A-2C95-4696-8C66-AF69A5500FAF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."}, {"lang": "es", "value": "Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.33, versiones 7.0.x anteriores a la 7.0.27, versiones 7.1.x anteriores a la 7.1.13 y versiones 7.2.x anteriores a la 7.2.1. Hay XSS reflejado en la p\u00e1gina de error PHAR 404 mediante el URI de una petici\u00f3n de un archivo .phar."}], "id": "CVE-2018-5712", "lastModified": "2019-08-19T11:15:14.540", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-16T09:29:00.623", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://php.net/ChangeLog-5.php"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://php.net/ChangeLog-7.php"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102742"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104020"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040363"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1296"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2519"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=74782"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3566-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3600-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3600-2/"}, {"source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}