CVE-2023-3247

CWE-252Unchecked Return ValueCWE-330CWE-3349 documents8 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 53.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
PHP Group PHPPHP PHP
Timeline
PublishedJul 22
Latest updateOct 23

Description

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:NExploitability: 1.2 | Impact: 1.4

Affected Packages4 packages

NVDphp/php8.0.08.0.29+2
CVEListV5php_group/php8.0.*8.0.29+2
Debianphp7.4< 7.4.33-1+deb11u4
Debianphp8.2< 8.2.7-1~deb12u1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
CVEList
Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP2023-07-22
OSV
CVE-2023-3247: In PHP versions 82023-07-22

📋Vendor Advisories

6
Ubuntu
PHP vulnerability2023-10-23
Oracle
Oracle Oracle Communications Applications Risk Matrix: Core (PHP) — CVE-2023-32472023-10-15
Microsoft
Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP2023-07-11
Red Hat
php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP2023-07-03
Ubuntu
PHP vulnerability2023-07-03
CVE-2023-3247 (MEDIUM CVSS 4.3) | In PHP versions 8.0.* before 8.0.29 | cvebase.io