Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling

high Web App Scanning Plugin ID 114497

Synopsis

Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling

Description

Symfony versions prior to 5.4.46 or 6.x prior to 6.4.14 or 7.x prior to 7.1.7 is vulnerable when the register_argc_argv php directive is set to 'on' and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request.

Note that since the vulnerable Symfony component is embedded in Laravel, the plugin is likely to detect a vulnerable Laravel instance.

Solution

Upgrade to Symfony version 5.4.46 or 6.4.14 or 7.1.7 or later.

See Also

https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa

https://symfony.com/blog/cve-2024-50340-ability-to-change-environment-from-query

Plugin Details

Severity: High

ID: 114497

Type: remote

Published: 11/7/2024

Updated: 11/20/2024

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2024-50340

CVSS v3

Risk Factor: High

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS Score Source: CVE-2024-50340

CVSS v4

Risk Factor: High

Base Score: 8.7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-52301

Vulnerability Information

CPE: cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/5/2024

Vulnerability Publication Date: 11/6/2024

Reference Information

CVE: CVE-2024-50340, CVE-2024-52301