From 36acc5b7092773761e5c64ba7c34b08b67bed281 Mon Sep 17 00:00:00 2001 From: Robert Schultheis Date: Wed, 10 Jun 2020 13:37:43 -0600 Subject: [PATCH] add CVE-2020-4043 for GHSA-qr95-4mq5-r3fh --- 2020/4xxx/CVE-2020-4043.json | 97 +++++++++++++++++++++++++++++++++--- 1 file changed, 91 insertions(+), 6 deletions(-) diff --git a/2020/4xxx/CVE-2020-4043.json b/2020/4xxx/CVE-2020-4043.json index 445eb3c29a3..86ef97a29ac 100644 --- a/2020/4xxx/CVE-2020-4043.json +++ b/2020/4xxx/CVE-2020-4043.json @@ -1,18 +1,103 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-4043", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Phar unserialization vulnerability in phpMussel" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "phpMussel", + "version": { + "version_data": [ + { + "version_value": ">= 1.0.0, < 1.6.0" + } + ] + } + } + ] + }, + "vendor_name": "phpMussel" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper.\n\nUploading a specially crafted file to an affected version allows arbitrary code execution (discovered, tested, and confirmed by myself), so the risk factor should be regarded as very high. Newer phpMussel versions don't use PHP's phar wrapper, and are therefore unaffected.\n\nThis has been fixed in version 1.6.0." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/phpMussel/phpMussel/security/advisories/GHSA-qr95-4mq5-r3fh", + "refsource": "CONFIRM", + "url": "https://github.com/phpMussel/phpMussel/security/advisories/GHSA-qr95-4mq5-r3fh" + }, + { + "name": "https://github.com/phpMussel/phpMussel/issues/167", + "refsource": "MISC", + "url": "https://github.com/phpMussel/phpMussel/issues/167" + }, + { + "name": "https://github.com/phpMussel/phpMussel/pull/173", + "refsource": "MISC", + "url": "https://github.com/phpMussel/phpMussel/pull/173" + }, + { + "name": "https://github.com/phpMussel/phpMussel/commit/97f25973433921c1f953430f32d3081adc4851a4", + "refsource": "MISC", + "url": "https://github.com/phpMussel/phpMussel/commit/97f25973433921c1f953430f32d3081adc4851a4" + }, + { + "name": "https://github.com/phpMussel/phpMussel/security/policy#currently-known-vulnerabilities", + "refsource": "MISC", + "url": "https://github.com/phpMussel/phpMussel/security/policy#currently-known-vulnerabilities" + } + ] + }, + "source": { + "advisory": "GHSA-qr95-4mq5-r3fh", + "discovery": "UNKNOWN" } } \ No newline at end of file