{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49282", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-11-24T16:45:24.312Z", "datePublished": "2023-12-05T22:40:44.054Z", "dateUpdated": "2024-08-02T21:53:45.373Z"}, "containers": {"cna": {"title": "Test code in published microsoft-graph package exposes phpinfo()", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q"}, {"name": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1"}, {"name": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2"}, {"name": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1"}, {"name": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/", "tags": ["x_refsource_MISC"], "url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/"}], "affected": [{"vendor": "microsoftgraph", "product": "msgraph-sdk-php", "versions": [{"version": ">= 1.16.0, < 1.109.1", "status": "affected"}, {"version": ">= 2.0.0-RC1, < 2.0.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-05T22:44:21.628Z"}, "descriptions": [{"lang": "en", "value": "msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. The phpInfo function exposes system information. The vulnerability affects the GetPhpInfo.php script of the PHP SDK which contains a call to the phpinfo() function. This vulnerability requires a misconfiguration of the server to be present so it can be exploited. For example, making the PHP application\u2019s /vendor directory web accessible. The combination of the vulnerability and the server misconfiguration would allow an attacker to craft an HTTP request that executes the phpinfo() method. The attacker would then be able to get access to system information like configuration, modules, and environment variables and later on use the compromised secrets to access additional data. This problem has been patched in versions 1.109.1 and 2.0.0-RC5. If an immediate deployment with the updated vendor package is not available, you can perform the following temporary workarounds: delete the `vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php` file, remove access to the `/vendor` directory, or disable the phpinfo function."}], "source": {"advisory": "GHSA-cgwq-6prq-8h9q", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:53:45.373Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q"}, {"name": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1"}, {"name": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2"}, {"name": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1"}, {"name": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:graph:*:*:*:*:*:*:*:*", "matchCriteriaId": "C94B1CEC-103C-4159-8F20-DE2FC607E9D7", "versionEndExcluding": "1.109.1", "versionStartIncluding": "1.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:graph:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3322A59-46DB-4D0E-B56F-D3F9E14AF180", "versionEndExcluding": "2.0.1", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. The phpInfo function exposes system information. The vulnerability affects the GetPhpInfo.php script of the PHP SDK which contains a call to the phpinfo() function. This vulnerability requires a misconfiguration of the server to be present so it can be exploited. For example, making the PHP application\u2019s /vendor directory web accessible. The combination of the vulnerability and the server misconfiguration would allow an attacker to craft an HTTP request that executes the phpinfo() method. The attacker would then be able to get access to system information like configuration, modules, and environment variables and later on use the compromised secrets to access additional data. This problem has been patched in versions 1.109.1 and 2.0.0-RC5. If an immediate deployment with the updated vendor package is not available, you can perform the following temporary workarounds: delete the `vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php` file, remove access to the `/vendor` directory, or disable the phpinfo function."}, {"lang": "es", "value": "msgraph-sdk-php es la librer\u00eda de Microsoft Graph para PHP. El SDK PHP de Microsoft Graph public\u00f3 paquetes que conten\u00edan c\u00f3digo de prueba que permit\u00eda el uso de la funci\u00f3n phpInfo() desde cualquier aplicaci\u00f3n que pudiera acceder y ejecutar el archivo en proveedor/microsoft/microsoft-graph/tests/GetPhpInfo.php. La funci\u00f3n phpInfo expone informaci\u00f3n del sistema. La vulnerabilidad afecta al script GetPhpInfo.php del SDK de PHP que contiene una llamada a la funci\u00f3n phpinfo(). Esta vulnerabilidad requiere que est\u00e9 presente una mala configuraci\u00f3n del servidor para poder explotarla. Por ejemplo, hacer que el directorio web/proveedor de la aplicaci\u00f3n PHP sea accesible. La combinaci\u00f3n de la vulnerabilidad y la mala configuraci\u00f3n del servidor permitir\u00eda a un atacante crear una solicitud HTTP que ejecute el m\u00e9todo phpinfo(). Luego, el atacante podr\u00eda obtener acceso a informaci\u00f3n del sistema, como configuraci\u00f3n, m\u00f3dulos y variables de entorno, y luego utilizar los secretos comprometidos para acceder a datos adicionales. Este problema se solucion\u00f3 en las versiones 1.109.1 y 2.0.0-RC5. Si no est\u00e1 disponible una implementaci\u00f3n inmediata con el paquete de proveedor actualizado, puede realizar las siguientes soluciones temporales: eliminar el archivo `vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php`, eliminar el acceso al directorio `/vendor`, o deshabilite la funci\u00f3n phpinfo."}], "id": "CVE-2023-49282", "lastModified": "2024-11-21T08:33:10.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-05T23:15:07.063", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-beta-sdk-php/compare/2.0.0...2.0.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php-core/compare/2.0.1...2.0.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/compare/1.109.0...1.109.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/microsoftgraph/msgraph-sdk-php/security/advisories/GHSA-cgwq-6prq-8h9q"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}