CVE-2020-7063
Files added to tar with Phar::buildFromIterator have all-access permissions
- Severity Score: -
- Exploit Likelihood: -
- Public Exploits: 1
- Exploited in Wild: -
- SSVC Decision: -
Description
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when a PHAR archive is created using the PharData::buildFromIterator() function, the files are added with default permissions (0666, i.e. all access) even if the original files on the filesystem had more restrictive permissions. This may result in files having laxer permissions than intended when such an archive is extracted.
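An added example (not part of the CVE record or of PHP's own code) that reproduces the check a maintainer would run: it builds a tar with PharData::buildFromIterator() from a directory holding a 0600 file, reports every archive entry whose stored mode is wider than the source file's mode, and then re-applies the on-disk modes with PharFileInfo::chmod(), which is a safe mitigation on every version and a no-op on fixed builds. Directory and file names are constructed for the demonstration.

```php
<?php
// Constructed source tree: one private (0600) and one world-readable (0644) file.
$src = sys_get_temp_dir() . '/cve-2020-7063-src';
$tar = sys_get_temp_dir() . '/cve-2020-7063.tar';
@mkdir($src, 0700);
file_put_contents("$src/secret.txt", "constructed secret\n");
chmod("$src/secret.txt", 0600);
file_put_contents("$src/public.txt", "constructed public\n");
chmod("$src/public.txt", 0644);
@unlink($tar);

$phar = new PharData($tar);
// buildFromIterator() returns a map of archive entry name => source path on disk.
$added = $phar->buildFromIterator(
    new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($src, FilesystemIterator::SKIP_DOTS)
    ),
    $src
);

// Audit: list entries whose stored mode grants any bit the source file does not.
function findLoosenedEntries(PharData $phar, array $added): array
{
    $loosened = [];
    foreach ($added as $entry => $sourcePath) {
        $stored = $phar[$entry]->getPerms() & 0777;
        $onDisk = fileperms($sourcePath) & 0777;
        if (($stored & ~$onDisk) !== 0) {
            $loosened[$entry] = ['stored' => $stored, 'source' => $onDisk];
        }
    }
    return $loosened;
}

// Mitigation: copy the on-disk mode onto each archive entry before the tar is shipped.
function restoreEntryPermissions(PharData $phar, array $added): void
{
    foreach ($added as $entry => $sourcePath) {
        $phar[$entry]->chmod(fileperms($sourcePath) & 0777);
    }
}

// On an affected build both files are reported (stored 0666); after the fix-up none are.
foreach (findLoosenedEntries($phar, $added) as $entry => $m) {
    printf("%s: stored %04o, source %04o\n", $entry, $m['stored'], $m['source']);
}
restoreEntryPermissions($phar, $added);
printf("entries still loosened: %d\n", count(findLoosenedEntries($phar, $added)));
```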
Timeline
- 2020-01-15 CVE Reserved
- 2020-02-27 CVE Published
- 2024-06-12 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
CWE
- CWE-281: Improper Preservation of Permissions
- CWE-284: Improper Access Control
References (10)
URL | Tag | Date
---|---|---
https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html | Mailing List | -
https://bugs.php.net/bug.php?id=79082 | - | 2024-09-16
https://www.tenable.com/security/tns-2021-14 | - | 2022-05-08
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html | - | 2022-05-08
https://security.gentoo.org/glsa/202003-57 | - | 2022-05-08
https://usn.ubuntu.com/4330-1 | - | 2022-05-08
https://www.debian.org/security/2020/dsa-4717 | - | 2022-05-08
https://www.debian.org/security/2020/dsa-4719 | - | 2022-05-08
https://access.redhat.com/security/cve/CVE-2020-7063 | - | 2020-12-01
https://bugzilla.redhat.com/show_bug.cgi?id=1808536 | - | 2020-12-01
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status
---|---|---|---
Php | Php | >= 7.2.0 <= 7.2.27 | Affected
Php | Php | >= 7.3.0 <= 7.3.14 | Affected
Php | Php | >= 7.4.0 <= 7.4.2 | Affected
Tenable | Tenable.sc | < 5.19.0 | Affected
Debian | Debian Linux | 8.0 | Affected
Debian | Debian Linux | 9.0 | Affected
Debian | Debian Linux | 10.0 | Affected
Opensuse | Leap | 15.1 | Affected