CVE-2018-15132 - OpenCVE

An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netapp	Storage Automation Store
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

Configuration 2 [-]

cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
https://bugs.php.net/bug.php?id=76459
https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4
https://security.netapp.com/advisory/ntap-20181107-0003/
https://www.tenable.com/security/tns-2018-12

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-08-07T15:00:00

Updated: 2024-08-05T09:46:25.401Z

Reserved: 2018-08-07T00:00:00

Link: CVE-2018-15132

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-08-07T15:29:00.873

Modified: 2019-03-08T13:30:39.977

Link: CVE-2018-15132

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-08-07T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-11-08T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://php.net/ChangeLog-5.php"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20181107-0003/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2018-12"}, {"tags": ["x_refsource_MISC"], "url": "http://php.net/ChangeLog-7.php"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.php.net/bug.php?id=76459"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-15132", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://php.net/ChangeLog-5.php", "refsource": "MISC", "url": "http://php.net/ChangeLog-5.php"}, {"name": "https://security.netapp.com/advisory/ntap-20181107-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20181107-0003/"}, {"name": "https://www.tenable.com/security/tns-2018-12", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2018-12"}, {"name": "http://php.net/ChangeLog-7.php", "refsource": "MISC", "url": "http://php.net/ChangeLog-7.php"}, {"name": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4", "refsource": "MISC", "url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"}, {"name": "https://bugs.php.net/bug.php?id=76459", "refsource": "MISC", "url": "https://bugs.php.net/bug.php?id=76459"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:46:25.401Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://php.net/ChangeLog-5.php"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20181107-0003/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2018-12"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://php.net/ChangeLog-7.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.php.net/bug.php?id=76459"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-15132", "datePublished": "2018-08-07T15:00:00", "dateReserved": "2018-08-07T00:00:00", "dateUpdated": "2024-08-05T09:46:25.401Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7790A37-5872-498A-AF77-4C72F5E6535E", "versionEndExcluding": "5.6.37", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4F254A0-4FCB-4015-B4BA-FC634D47A473", "versionEndExcluding": "7.0.31", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9AEDB1B-9295-45A4-80FE-E10DF404E267", "versionEndExcluding": "7.1.20", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF1D395B-6711-40A9-8E0E-9153B8A71F04", "versionEndExcluding": "7.2.8", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories."}, {"lang": "es", "value": "Se ha descubierto un problema en ext/standard/link_win32.c en PHP en versiones anteriores a la 5.6.37, versiones 7.0.x anteriores a la 7.0.31, versiones 7.1.x anteriores a la 7.1.20 y versiones 7.2.x anteriores a la 7.2.8. La funci\u00f3n linkinfo en Windows no implementa la comprobaci\u00f3n open_basedir. Se podr\u00eda abusar de esto para encontrar archivos en rutas fuera de los directorios permitidos."}], "id": "CVE-2018-15132", "lastModified": "2019-03-08T13:30:39.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-07T15:29:00.873", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://php.net/ChangeLog-5.php"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://php.net/ChangeLog-7.php"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.php.net/bug.php?id=76459"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20181107-0003/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2018-12"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}