CVE-2023-0662 - OpenCVE

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Php	Php
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
php:8.0-8080020231006102311.0b4eb31d	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:5927	2023-10-19T00:00:00Z
Red Hat Enterprise Linux 9
php-0:8.0.30-1.el9_2	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:5926	2023-10-19T00:00:00Z
php:8.1-9030020231221080340.9	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:0387	2024-01-24T00:00:00Z

References

Link	Providers
https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
https://nvd.nist.gov/vuln/detail/CVE-2023-0662
https://security.netapp.com/advisory/ntap-20230517-0001/
https://www.cve.org/CVERecord?id=CVE-2023-0662

History

No history.

MITRE

Status: PUBLISHED

Assigner: php

Published: 2023-02-16T06:24:01.692Z

Updated: 2024-08-02T05:17:50.335Z

Reserved: 2023-02-03T18:37:37.552Z

Link: CVE-2023-0662

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-16T07:15:10.577

Modified: 2023-05-17T20:15:09.603

Link: CVE-2023-0662

Redhat

Severity : Moderate

Publid Date: 2023-02-15T00:00:00Z

Links: CVE-2023-0662 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0662", "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "state": "PUBLISHED", "assignerShortName": "php", "dateReserved": "2023-02-03T18:37:37.552Z", "datePublished": "2023-02-16T06:24:01.692Z", "dateUpdated": "2024-08-02T05:17:50.335Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "PHP", "repo": "https://github.com/php/php-src", "vendor": "PHP Group", "versions": [{"lessThan": "8.0.28", "status": "affected", "version": "8.0.x", "versionType": "semver"}, {"lessThan": "8.1.16", "status": "affected", "version": "8.1.x", "versionType": "semver"}, {"lessThan": "8.2.3", "status": "affected", "version": "8.2.x", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jakob Ackermann"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. "}], "value": "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.\u00a0"}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php", "dateUpdated": "2023-02-16T06:24:01.692Z"}, "references": [{"url": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv"}, {"url": "https://security.netapp.com/advisory/ntap-20230517-0001/"}], "source": {"advisory": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5w", "discovery": "EXTERNAL"}, "title": "DoS vulnerability when parsing multipart request body", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:17:50.335Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230517-0001/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBCCD85D-5679-42EE-B6C6-A9A309E2B4BC", "versionEndExcluding": "8.0.28", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDC7B443-3E3C-4888-AC9B-7415D2C5C059", "versionEndExcluding": "8.1.16", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C14298C-48A4-4FD8-BFA0-808CF935490B", "versionEndExcluding": "8.2.3", "versionStartIncluding": "8.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.\u00a0"}], "id": "CVE-2023-0662", "lastModified": "2023-05-17T20:15:09.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@php.net", "type": "Secondary"}]}, "published": "2023-02-16T07:15:10.577", "references": [{"source": "security@php.net", "tags": ["Third Party Advisory"], "url": "https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv"}, {"source": "security@php.net", "url": "https://security.netapp.com/advisory/ntap-20230517-0001/"}], "sourceIdentifier": "security@php.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "security@php.net", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:5927", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "php:8.0-8080020231006102311.0b4eb31d", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-10-19T00:00:00Z"}, {"advisory": "RHSA-2023:5926", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php-0:8.0.30-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-10-19T00:00:00Z"}, {"advisory": "RHSA-2024:0387", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "php:8.1-9030020231221080340.9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-01-24T00:00:00Z"}], "bugzilla": {"description": "php: DoS vulnerability when parsing multipart request body", "id": "2170761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170761"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400->CWE-779", "details": ["In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.\u00a0", "A vulnerability was found in PHP. This security flaw occurs when the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. A large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow the processing of legitimate user requests. The large volume of warning messages can wear down the disk and fill it up. A complete denial of service is achievable by sending many concurrent multipart requests in a loop. PHP parses the request body before invoking any application scripts. This vulnerability affects all PHP websites that accept POST request bodies (post_max_size set to a value greater than zero, the default value is 8MB)."], "mitigation": {"lang": "en:us", "value": "Users can decrease the post_max_size close to zero. This will render most websites non-interactive and break file uploads."}, "name": "CVE-2023-0662", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "php", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "php:7.4/php", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-php73-php", "product_name": "Red Hat Software Collections"}], "public_date": "2023-02-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-0662\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0662\nhttps://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv"], "threat_severity": "Moderate"}