CVE-2020-11579

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/ShielderSec/CVE-2020-11579	Exploit Third Party Advisory
https://shielder.it/	Third Party Advisory
https://www.phpkb.com	Product
https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/	Exploit Third Party Advisory
https://github.com/ShielderSec/CVE-2020-11579	Exploit Third Party Advisory
https://shielder.it/	Third Party Advisory
https://www.phpkb.com	Product
https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:chadhaajay:phpkb:9.0:*:*:*:enterprise:*:*:*

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-09-03 18:15

Updated : 2024-11-21 04:58

NVD link : CVE-2020-11579

Mitre link : CVE-2020-11579

CVE.ORG link : CVE-2020-11579

JSON object : View

Products Affected

php

php

chadhaajay

phpkb

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2020-11579", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-09-03T18:15:12.707", "references": [{"url": "https://github.com/ShielderSec/CVE-2020-11579", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://shielder.it/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.phpkb.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/ShielderSec/CVE-2020-11579", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://shielder.it/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.phpkb.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Chadha PHPKB versi\u00f3n 9.0 Enterprise Edition. El archivo installer/test-connection.php (parte del proceso de instalaci\u00f3n) permite a un atacante remoto no autenticado revelar archivos locales en hosts que ejecutan PHP versiones anteriores a 7.2.16, o en hosts donde la opci\u00f3n MySQL ALLOW LOCAL DATA INFILE est\u00e1 habilitada"}], "lastModified": "2024-11-21T04:58:09.920", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:chadhaajay:phpkb:9.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "B2AA1F0E-1EDD-4C58-881B-56A77E08FBF0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AA801B9-89E7-4AB2-8FFD-56F43FD88A16", "versionEndExcluding": "7.2.16"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}