Vulnerability Name: | CVE-2020-1898 (CCN-198086) |
Assigned: | 2019-12-02 |
Published: | 2020-06-30 |
Updated: | 2021-03-17 |
Summary: | The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0. |
CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C) |
| Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None |
| Scope: Scope (S): Unchanged |
| Impact Metrics: Confidentiality (C): None; Integrity (I): None; Availability (A): High |
| 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) |
| 6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C) |
| Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None |
| Scope: Scope (S): Unchanged |
| Impact Metrics: Confidentiality (C): None; Integrity (I): None; Availability (A): High |
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) |
| Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None |
| Impact Metrics: Confidentiality (C): None; Integrity (I): None; Availability (A): Partial |
| 7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) |
| Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None |
| Impact Metrics: Confidentiality (C): None; Integrity (I): None; Availability (A): Complete |
Vulnerability Type: | CWE-674 |
Vulnerability Consequences: | Denial of Service |
References: | Source: MITRE; Type: CNA; CVE-2020-1898 |
| Source: XF; Type: UNKNOWN; facebook-cve20201898-dos(198086) |
| Source: MISC; Type: Patch, Third Party Advisory; https://github.com/facebook/hhvm/commit/1746dfb11fc0048366f34669e74318b8278a684c |
| Source: CCN; Type: HHVM Blog, June 30, 2020; HHVM |
| Source: CONFIRM; Type: Vendor Advisory; https://hhvm.com/blog/2020/06/30/security-update.html |
Vulnerable Configuration: | Configuration 1: |
| cpe:/a:facebook:hhvm:*:*:*:*:*:*:*:* (Version < 4.32.3) |
| OR cpe:/a:facebook:hhvm:*:*:*:*:*:*:*:* (Version >= 4.33.0 and < 4.56.1) |
| OR cpe:/a:facebook:hhvm:4.57.0:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.58.0:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.58.1:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.59.0:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.60.0:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.61.0:*:*:*:*:*:*:* |
| OR cpe:/a:facebook:hhvm:4.62.0:*:*:*:*:*:*:* |
| Configuration CCN 1: |
| cpe:/a:facebook:hhvm:4.32.0:*:*:*:*:*:*:* |