CVE-2020-7070 — MEDIUM (4.3)

Q: How severe is CVE-2020-7070?

CVE-2020-7070 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-7070?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Fedoraproject Fedora, Debian Debian Linux, Opensuse Leap, Canonical Ubuntu Linux.

Vulnerability Description

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Php	Php	>= 7.2.0, < 7.2.34
Fedoraproject	Fedora	31
Debian	Debian Linux	9.0
Opensuse	Leap	15.1
Canonical	Ubuntu Linux	12.04
Netapp	Clustered Data Ontap	-
Tenable	Tenable.Sc	< 5.19.0

Related Weaknesses (CWE)

CWE-20 CWE-565

References

http://cve.circl.lu/cve/CVE-2020-8184Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.htmlMailing ListThird Party Advisory
https://bugs.php.net/bug.php?id=79699Issue TrackingVendor Advisory
https://hackerone.com/reports/895727ExploitThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00008.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://security.gentoo.org/glsa/202012-16Third Party Advisory
https://security.netapp.com/advisory/ntap-20201016-0001/Third Party Advisory
https://usn.ubuntu.com/4583-1/Third Party Advisory
https://www.debian.org/security/2021/dsa-4856Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.htmlNot ApplicableThird Party Advisory
https://www.tenable.com/security/tns-2021-14Third Party Advisory

FAQ

What is CVE-2020-7070?

CVE-2020-7070 is a vulnerability with a CVSS score of 4.3 (MEDIUM). In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefi...

How severe is CVE-2020-7070?

CVE-2020-7070 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-7070?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Fedoraproject Fedora, Debian Debian Linux, Opensuse Leap, Canonical Ubuntu Linux.