CVE-2020-7071 - OpenCVE

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Netapp	Clustered Data Ontap
Debian	Debian Linux
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 [-]

cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

References

Link	Resource
https://bugs.php.net/bug.php?id=77423	Exploit Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202105-23	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210312-0005/	Vendor Advisory
https://www.debian.org/security/2021/dsa-4856	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://www.tenable.com/security/tns-2021-14	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: php

Published: 2021-01-04T00:00:00

Updated: 2021-10-20T10:40:15

Reserved: 2020-01-15T00:00:00

Link: CVE-2020-7071

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-15T04:15:12.563

Modified: 2022-08-29T20:05:12.300

Link: CVE-2020-7071

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "PHP", "vendor": "PHP Group", "versions": [{"lessThan": "7.3.26", "status": "affected", "version": "7.3.x", "versionType": "custom"}, {"lessThan": "7.4.14", "status": "affected", "version": "7.4.x", "versionType": "custom"}, {"lessThan": "8.0.1", "status": "affected", "version": "8.0.X", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Reported by jifan dot jf at alibaba-inc dot com"}], "datePublic": "2021-01-04T00:00:00", "descriptions": [{"lang": "en", "value": "In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-20T10:40:15", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.php.net/bug.php?id=77423"}, {"name": "DSA-4856", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4856"}, {"name": "GLSA-202105-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202105-23"}, {"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2021-14"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210312-0005/"}], "source": {"defect": ["https://bugs.php.net/bug.php?id=77423"], "discovery": "EXTERNAL"}, "title": "FILTER_VALIDATE_URL accepts URLs with invalid userinfo", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@php.net", "DATE_PUBLIC": "2021-01-04T17:54:00.000Z", "ID": "CVE-2020-7071", "STATE": "PUBLIC", "TITLE": "FILTER_VALIDATE_URL accepts URLs with invalid userinfo"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PHP", "version": {"version_data": [{"version_affected": "<", "version_name": "7.3.x", "version_value": "7.3.26"}, {"version_affected": "<", "version_name": "7.4.x", "version_value": "7.4.14"}, {"version_affected": "<", "version_name": "8.0.X", "version_value": "8.0.1"}]}}]}, "vendor_name": "PHP Group"}]}}, "credit": [{"lang": "eng", "value": "Reported by jifan dot jf at alibaba-inc dot com"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://bugs.php.net/bug.php?id=77423", "refsource": "MISC", "url": "https://bugs.php.net/bug.php?id=77423"}, {"name": "DSA-4856", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4856"}, {"name": "GLSA-202105-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-23"}, {"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"name": "https://www.tenable.com/security/tns-2021-14", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-14"}, {"name": "https://security.netapp.com/advisory/ntap-20210312-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210312-0005/"}]}, "source": {"defect": ["https://bugs.php.net/bug.php?id=77423"], "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2020-7071", "datePublished": "2021-01-04T00:00:00", "dateReserved": "2020-01-15T00:00:00", "dateUpdated": "2021-10-20T10:40:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "67F12208-9A77-4FBA-A3C9-0E5A08394D57", "versionEndExcluding": "7.3.26", "versionStartIncluding": "7.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2DE7B3F-B495-41CB-B4B8-CCE4A0D99D45", "versionEndExcluding": "7.4.14", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "649C94AB-07A2-417B-999B-A67416C5AB29", "versionEndExcluding": "8.0.1", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL."}, {"lang": "es", "value": "En PHP versiones 7.3.x por debajo de 7.3.26, 7.4.x por debajo de 7.4.14 y 8.0.0, cuando se comprueba una URL con funciones como filter_var ($url, FILTER_VALIDATE_URL), PHP aceptar\u00e1 una URL con una contrase\u00f1a no v\u00e1lida como una URL v\u00e1lida. Esto puede conllevar a funciones que dependen de que la URL sea v\u00e1lida para analizar inapropiadamente la URL y producir datos incorrectos como componentes de la URL"}], "id": "CVE-2020-7071", "lastModified": "2022-08-29T20:05:12.300", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@php.net", "type": "Secondary"}]}, "published": "2021-02-15T04:15:12.563", "references": [{"source": "security@php.net", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=77423"}, {"source": "security@php.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202105-23"}, {"source": "security@php.net", "tags": ["Vendor Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210312-0005/"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4856"}, {"source": "security@php.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-14"}], "sourceIdentifier": "security@php.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@php.net", "type": "Secondary"}]}