CVE-2017-7272 Information

Description

PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized fsockopen will use the port number that is specified in the hostname argument instead of the port number in the second argument of the function.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Reference

http://www.securityfocus.com/bid/97178 http://www.securitytracker.com/id/1038158 https://bugs.php.net/bug.php?id=74216 https://bugs.php.net/bug.php?id=75505 https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a https://security.netapp.com/advisory/ntap-20180112-0001/ https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170403-0_PHP_Misbehavior_of_fsockopen_function_v10.txt

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

7.4