Vulnerability CVE-2015-5723

Vulnerability Name:

CVE-2015-5723 (CCN-114784)

Assigned:

2015-08-31

Published:

2015-08-31

Updated:

2016-11-28

Summary:

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2015-5723

Source: CONFIRM
Type: UNKNOWN
http://framework.zend.com/security/advisory/ZF2015-07

Source: DEBIAN
Type: UNKNOWN
DSA-3369

Source: CCN
Type: Doctrine Web site
Security Misconfiguration Vulnerability in various Doctrine projects

Source: CONFIRM
Type: Vendor Advisory
http://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html

Source: XF
Type: UNKNOWN
doctrine-cve20155723-code-exec(114784)

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-fa7e683c6e

Source: FEDORA
Type: UNKNOWN
FEDORA-2016-8dc0af2c29

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-5723

Vulnerable Configuration:

Configuration 1:

cpe:/a:zend:zend-cache:*:*:*:*:*:*:*:* (Version <= 2.4.7)

OR cpe:/a:zend:zend-cache:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:zend:zend-cache:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:zend:zend-cache:2.5.2:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:doctrine-project:object_relational_mapper:*:*:*:*:*:*:*:* (Version <= 2.4.7)

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:alpha1:*:*:*:*:*:*

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:alpha2:*:*:*:*:*:*

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:beta1:*:*:*:*:*:*

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:rc1:*:*:*:*:*:*

OR cpe:/a:doctrine-project:object_relational_mapper:2.5.0:rc2:*:*:*:*:*:*

Configuration 4:

cpe:/a:doctrine-project:doctrinemongodbbundle:3.0.0:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:zend:zend_framework:*:*:*:*:*:*:*:* (Version <= 2.4.7)

Configuration 6:

cpe:/a:doctrine-project:common:*:*:*:*:*:*:*:* (Version <= 2.4.2)

OR cpe:/a:doctrine-project:common:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:doctrine-project:common:2.5.0:beta1:*:*:*:*:*:*

Configuration 7:

cpe:/a:doctrine-project:annotations:*:*:*:*:*:*:*:* (Version <= 1.2.6)

Configuration 8:

cpe:/a:doctrine-project:mongodb-odm:*:*:*:*:*:*:*:* (Version <= 1.0.1)

Configuration 9:

cpe:/a:zend:zend_framework:*:*:*:*:*:*:*:* (Version <= 1.12.15)

Configuration 10:

cpe:/a:doctrine-project:cache:*:*:*:*:*:*:*:* (Version <= 1.3.1)

OR cpe:/a:doctrine-project:cache:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:doctrine-project:cache:1.4.1:*:*:*:*:*:*:*

Configuration 11:

cpe:/a:zend:zf-apigility-doctrine:*:*:*:*:*:*:*:* (Version <= 1.0.2)

Configuration CCN 1:

cpe:/a:doctrine-project:annotations:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:doctrine-project:cache:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:doctrine-project:common:2.5.0:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.artful:def:20155723000	V	CVE-2015-5723 on Ubuntu 17.10 (artful) - medium.	2016-06-07
oval:com.ubuntu.trusty:def:20155723000	V	CVE-2015-5723 on Ubuntu 14.04 LTS (trusty) - medium.	2016-06-07
oval:com.ubuntu.bionic:def:20155723000	V	CVE-2015-5723 on Ubuntu 18.04 LTS (bionic) - medium.	2016-06-07
oval:com.ubuntu.xenial:def:20155723000	V	CVE-2015-5723 on Ubuntu 16.04 LTS (xenial) - medium.	2016-06-07
oval:com.ubuntu.cosmic:def:20155723000	V	CVE-2015-5723 on Ubuntu 18.10 (cosmic) - medium.	2016-06-07
oval:com.ubuntu.precise:def:20155723000	V	CVE-2015-5723 on Ubuntu 12.04 LTS (precise) - medium.	2016-06-07
oval:org.cisecurity:def:219	P	DSA-3369-1 -- zendframework -- security update	2016-02-08

BACK