CVE-2023-47130 - OpenCVE

Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Yiiframework	Yii

Configuration 1 [-]

cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/yiisoft/yii/commit/37142be4dc5831114a375392e86d6450d4951c06	Patch
https://github.com/yiisoft/yii/security/advisories/GHSA-mw2w-2hj2-fg8q	Patch
https://owasp.org/www-community/vulnerabilities/PHP_Object_Injection	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-11-14T20:30:16.393Z

Updated: 2023-11-14T20:30:16.393Z

Reserved: 2023-10-30T19:57:51.677Z

Link: CVE-2023-47130

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-14T21:15:11.450

Modified: 2023-11-20T20:30:13.503

Link: CVE-2023-47130

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-47130", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-30T19:57:51.677Z", "datePublished": "2023-11-14T20:30:16.393Z", "dateUpdated": "2023-11-14T20:30:16.393Z"}, "containers": {"cna": {"title": "Unsafe deserialization of user data in yiisoft/yii", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "lang": "en", "description": "CWE-502: Deserialization of Untrusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/yiisoft/yii/security/advisories/GHSA-mw2w-2hj2-fg8q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/yiisoft/yii/security/advisories/GHSA-mw2w-2hj2-fg8q"}, {"name": "https://github.com/yiisoft/yii/commit/37142be4dc5831114a375392e86d6450d4951c06", "tags": ["x_refsource_MISC"], "url": "https://github.com/yiisoft/yii/commit/37142be4dc5831114a375392e86d6450d4951c06"}, {"name": "https://owasp.org/www-community/vulnerabilities/PHP_Object_Injection", "tags": ["x_refsource_MISC"], "url": "https://owasp.org/www-community/vulnerabilities/PHP_Object_Injection"}], "affected": [{"vendor": "yiisoft", "product": "yii", "versions": [{"version": "< 1.1.29", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-14T20:30:16.393Z"}, "descriptions": [{"lang": "en", "value": "Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29 release. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-mw2w-2hj2-fg8q", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB748E60-B917-4737-B510-23FBE2DBF4C4", "versionEndExcluding": "1.1.29", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29 release. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Yii es un framework web PHP de c\u00f3digo abierto. yiisoft/yii antes de la versi\u00f3n 1.1.29 son vulnerables a Remote Code Execution (RCE) si la aplicaci\u00f3n llama a `unserialize()` ante una entrada arbitraria del usuario. Un atacante puede aprovechar esta vulnerabilidad para comprometer el sistema host. Se ha desarrollado una soluci\u00f3n para la versi\u00f3n 1.1.29. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2023-47130", "lastModified": "2023-11-20T20:30:13.503", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-11-14T21:15:11.450", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/yiisoft/yii/commit/37142be4dc5831114a375392e86d6450d4951c06"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/yiisoft/yii/security/advisories/GHSA-mw2w-2hj2-fg8q"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://owasp.org/www-community/vulnerabilities/PHP_Object_Injection"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Primary"}]}