Lucene search

K
f5F5F5:K14432
HistorySep 23, 2013 - 12:00 a.m.

K14432 : PHP SOAP wdsl cache file vulnerability CVE-2013-1635

2013-09-2300:00:00
my.f5.com
16

6.2 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

Security Advisory Description

PHP does not validate the configuration directive soap.wsdl_cache_dir before writing SOAP wsdl cache files to the filesystem.
Impact
An attacker is able to write remote wsdl files to arbitrary locations on an affected system.