admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#3654

Browse Source 
Auto-merge PR#3654
This commit is contained in:
CVE Team 2020-04-21 15:50:18 -04:00 committed by GitHub
commit 61f05bf074
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 76 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
2020/5xxx/CVE-2020-5301.json
View File

@ -1,18 +1,88 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Information disclosure of source code in SimpleSAMLphp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "simplesamlphp",
"version": {
"version_data": [
{
"version_value": "< 1.18.6"
}
]
}
}
]
},
"vendor_name": "simplesamlphp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability.\n\nThe module controller in `SimpleSAML\\Module` that processes requests for pages\nhosted by modules, has code to identify paths ending with `.php` and process\nthose as PHP code. If no other suitable way of handling the given path exists it\npresents the file to the browser.\n\nThe check to identify paths ending with `.php` does not account for uppercase\nletters. If someone requests a path ending with e.g. `.PHP` and the server is\nserving the code from a case-insensitive file system, such as on Windows, the\nprocessing of the PHP code does not occur, and the source code is instead\npresented to the browser.\n\nAn attacker may use this issue to gain access to the source code in third-party\nmodules that is meant to be private, or even sensitive. However, the attack\nsurface is considered small, as the attack will only work when SimpleSAMLphp\nserves such content from a file system that is not case-sensitive, such as on\nWindows.\n\nThis issue is fixed in version 1.18.6."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-24m3-w8g9-jwpq",
"refsource": "CONFIRM",
"url": "https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-24m3-w8g9-jwpq"
},
{
"name": "https://github.com/simplesamlphp/simplesamlphp/commit/47968d26a2fd3ed52da70dc09210921d612ce44e",
"refsource": "MISC",
"url": "https://github.com/simplesamlphp/simplesamlphp/commit/47968d26a2fd3ed52da70dc09210921d612ce44e"
}
]
},
"source": {
"advisory": "GHSA-24m3-w8g9-jwpq",
"discovery": "UNKNOWN"
}
}