In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318.
References
Link | Resource |
---|---|
https://github.com/pimcore/pimcore/commit/6ee5d8536d0802e377594cbe39083e822710aab9 | Patch |
https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-451599 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-14T17:01:41
Updated: 2019-09-14T17:01:41
Reserved: 2019-09-14T00:00:00
Link: CVE-2019-16317
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-09-14T18:15:11.197
Modified: 2019-09-17T13:04:19.020
Link: CVE-2019-16317
JSON object: View
Redhat Information
No data.
CWE