Vulnerability Name: CVE-2020-36193 (CCN-195056)

Assigned:2020-12-14
Published:2020-12-14
Updated:2022-01-01
Summary:Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availability (A): None
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availability (A): None
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availability (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availability (A): None
Vulnerability Type:CWE-22
CWE-59
Vulnerability Consequences:File Manipulation (write outside the extraction directory; every vector above rates Confidentiality as None and Integrity as High/Complete)
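The summary above describes the two weaknesses that have to line up for this bug: a tar entry name that traverses out of the extraction directory (CWE-22), and a symlink entry pointing outside that directory which a later file entry is then written through (CWE-59). The following Python script is an added example, not code from Archive_Tar, from the referenced fix commit, or from any advisory on this page; it shows the pre-extraction scan a tar extractor needs to refuse both. The archive it scans is constructed in memory (it is not a real-world payload), and the destination path /var/www/extract is an assumed value.

```python
"""Pre-extraction scan of a tar archive for the two weaknesses this CVE
combines: traversal in entry names (CWE-22) and link entries that route
writes outside the destination directory (CWE-59).

Added example; not code from Archive_Tar or from any reference on this page.
The archive below is constructed in memory and the destination path is an
assumed value."""
import io
import os
import posixpath
import tarfile


def _inside(dest: str, rel_path: str) -> bool:
    """True if rel_path, joined onto dest and normalised, is still under dest.
    An absolute rel_path replaces dest in os.path.join, so it fails this test."""
    dest = os.path.abspath(dest)
    full = os.path.normpath(os.path.join(dest, rel_path))
    return full == dest or full.startswith(dest + os.sep)


def find_unsafe_members(tar_bytes: bytes, dest: str) -> list:
    """Return [(member_name, reason), ...] for entries that must not be written.

    Nothing is extracted; this is the check an extractor runs before touching
    the filesystem. Entries are examined in archive order because the attack
    depends on order: a symlink entry first, then a file entry routed through it.
    """
    unsafe = []
    links = {}  # normalised entry name -> link target, for link entries seen so far
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tf:
        for m in tf.getmembers():
            name = posixpath.normpath(m.name)

            # CWE-22: an absolute name or a leading '..' escapes dest by itself.
            if name.startswith("/") or name == ".." or name.startswith("../"):
                unsafe.append((m.name, "path traversal in entry name"))
                continue

            # CWE-59: an entry whose path runs through an earlier link entry is
            # written wherever that link points. Flagged even when the link's own
            # target looked in-tree, because links can be chained.
            parts = name.split("/")
            via = next(("/".join(parts[:i]) for i in range(1, len(parts))
                        if "/".join(parts[:i]) in links), None)
            if via is not None:
                unsafe.append((m.name, f"path passes through symlink {via!r} -> {links[via]!r}"))
                continue

            if m.issym() or m.islnk():
                if m.islnk() or m.linkname.startswith("/"):
                    # Hard-link targets are archive-relative; absolute symlink
                    # targets are taken as-is.
                    resolved = m.linkname
                else:
                    # Relative symlink targets resolve from the link's own directory.
                    resolved = posixpath.join(posixpath.dirname(name), m.linkname)
                if not _inside(dest, resolved):
                    unsafe.append((m.name, f"link target {m.linkname!r} resolves outside dest"))
                links[name] = m.linkname
    return unsafe


def _add_file(tf: tarfile.TarFile, name: str, data: bytes) -> None:
    info = tarfile.TarInfo(name)
    info.size = len(data)
    tf.addfile(info, io.BytesIO(data))


def build_poc_archive() -> bytes:
    """Constructed sample, not a real payload: a symlink to /tmp, a file routed
    through it, a '..' entry name, and one harmless entry."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        link = tarfile.TarInfo("uploads")
        link.type = tarfile.SYMTYPE
        link.linkname = "/tmp"
        tf.addfile(link)
        _add_file(tf, "uploads/pwned.txt", b"owned\n")  # would land in /tmp/pwned.txt
        _add_file(tf, "../escape.txt", b"owned\n")      # plain traversal in the name
        _add_file(tf, "docs/readme.txt", b"hello\n")    # ordinary entry, kept
    return buf.getvalue()


if __name__ == "__main__":
    # Assumed destination; only the scan runs, nothing is written to disk.
    for name, why in find_unsafe_members(build_poc_archive(), "/var/www/extract"):
        print(f"REJECT {name}: {why}")
```

The scan rejects the archive as a whole rather than skipping the bad entries, which is the safer choice: an extractor that silently drops the symlink but still writes uploads/pwned.txt changes the archive's meaning, and one that writes the symlink and then skips only names it recognises as traversal still leaves the link in place for a second archive. The referenced fix commit is titled "Disallow symlinks to out-of-path filenames"; the link-target resolution in find_unsafe_members is the check that title describes, while the path-through-link check is the extra step that closes the ordering attack regardless of the target. Python 3.12 and later ship a comparable rejection in the standard library as tarfile's filter="data" option.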
References:Source: MITRE
Type: CNA
CVE-2020-36193

Source: XF
Type: UNKNOWN
archivetar-cve202036193-dir-traversal(195056)

Source: CCN
Type: Archive_Tar GIT Repository
Disallow symlinks to out-of-path filenames

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210121 [SECURITY] [DLA-2530-1] drupal7 security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210408 [SECURITY] [DLA 2621-1] php-pear security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-0c013f520c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-dc7de65eed

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-8093e197f4

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-02996612f6

Source: GENTOO
Type: Third Party Advisory
GLSA-202101-23

Source: DEBIAN
Type: Third Party Advisory
DSA-4894

Source: CCN
Type: SA-CORE-2021-001
Drupal core - Critical - Third-party libraries

Source: CONFIRM
Type: Third Party Advisory
https://www.drupal.org/sa-core-2021-001

Source: CCN
Type: IBM Security Bulletin 6440659 (API Connect)
IBM API Connect is impacted by a directory traversal vulnerability in Drupal core SA-CORE-2021-001 (CVE-2020-36193)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:php:archive_tar:*:*:*:*:*:*:*:* (Version <= 1.4.11)

Configuration 2:
  • cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/a:drupal:drupal:*:*:*:*:*:*:*:* (Version >= 7.0 and < 7.78)
  • OR cpe:/a:drupal:drupal:*:*:*:*:*:*:*:* (Version >= 8.9.0 and < 8.9.13)
  • OR cpe:/a:drupal:drupal:*:*:*:*:*:*:*:* (Version >= 9.0.0 and < 9.0.11)
  • OR cpe:/a:drupal:drupal:*:*:*:*:*:*:*:* (Version >= 9.1.0 and < 9.1.3)

Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:php:archive_tar:1.4.11:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:10.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:10.0.1.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
Oval Definitions (Class: P = patch definition)
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:8087 | P | php7-pear-1.10.21-3.6.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:8164 | P | Security update for python-sqlparse (Moderate) | 2023-06-08
oval:org.opensuse.security:def:8185 | P | Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (Important) (in QA) | 2023-05-18
oval:com.redhat.rhsa:def:20227340 | P | RHSA-2022:7340: php-pear security update (Moderate) | 2022-11-02
oval:com.redhat.rhsa:def:20226542 | P | RHSA-2022:6542: php:7.4 security update (Moderate) | 2022-09-15
oval:org.opensuse.security:def:95372 | P | Security update for freerdp (Critical) | 2022-07-11
oval:org.opensuse.security:def:3445 | P | binutils-2.32-9.36.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:95075 | P | php7-pear-1.10.21-3.6.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:102085 | P | Security update for MozillaThunderbird (Important) | 2022-04-13
oval:org.opensuse.security:def:6156 | P | Security update for samba (Critical) | 2022-02-14
oval:org.opensuse.security:def:111058 | P | Security update for php7-pear (Important) | 2021-09-15
oval:org.opensuse.security:def:69274 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:102819 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:109485 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:102268 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:96129 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:111714 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:1708 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:69253 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:118581 | P | Security update for php7-pear (Important) | 2021-09-13
oval:org.opensuse.security:def:20980 | P | Security update for php74-pear (Important) | 2021-09-09
oval:org.opensuse.security:def:49451 | P | Security update for php74-pear (Important) | 2021-09-09
oval:org.opensuse.security:def:45190 | P | Security update for php53 (Important) | 2021-09-03
oval:org.opensuse.security:def:40760 | P | Security update for php53 (Important) | 2021-09-03
oval:org.opensuse.security:def:26118 | P | Security update for php72 (Important) | 2021-09-02
oval:org.opensuse.security:def:5105 | P | Security update for php72 (Important) | 2021-09-02
oval:org.opensuse.security:def:49450 | P | Security update for php72 (Important) | 2021-09-02
oval:org.opensuse.security:def:20979 | P | Security update for php72 (Important) | 2021-09-02
oval:org.opensuse.security:def:76313 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:66913 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:111693 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:67245 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:5824 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:75981 | P | Security update for php7 (Important) | 2021-08-30
oval:org.opensuse.security:def:108751 | P | Security update for php7 (Important) | 2021-08-30